Jump to content

PHP Check Login SESSIONS Help

dangillow

By dangillow
in PHP Coding Help

 Share

Recommended Posts

dangillow Newbie

dangillow

Posted
Posted
Hi There,

This PHP script is driving me nuts! I have an employee table which stores employee_id and password used for logging in to the website. I've written a a check_login.php file which keeps telling me "Wrong Password" when tee username and password are correct. Here's my code? Am I doing something stupid!  ;)

[code]
<?php

session_start();

$_SESSION['employee_id'] = $_POST['employee_id'];  // Use This for passing variables with session
$_SESSION['password'] = md5($_POST['password']);

// Login information

include('db_login.php');

// Connect

$connection = mysql_connect($db_host, $db_username, $db_password);

if (!$connection)
{
    die ("Could not connect to the database: <br> />". mysql_error());
}

// Select the database

$db_select=mysql_select_db($db_database);

if (!$db_select)

{
    die ("Could not select the database: <br> />". mysql_error());
}

// Execute query
$employee_id = $_POST['employee_id'];
$password = md5($_POST['password']);



$query = "SELECT * FROM employee WHERE employee_id='$employee_id' and password='$password'";

$result = mysql_query($query) or die(mysql_error());

$count=mysql_num_rows($result);

echo "$count Rows Returned ";

if($count > 0)

{

$_SESSION['employee_id'] = $_POST['employee_id'];
$_SESSION['password'] = md5($_POST['password']);

header("location:welcome.php");

}

else

{

echo "Wrong Username or Password";

}

mysql_close($connection);

?>
[/code]

Thanks!

Danny
Link to comment
https://forums.phpfreaks.com/topic/25729-php-check-login-sessions-help/
Share on other sites
scliburn Newbie

scliburn

Posted
Posted
I would double check that the password is in md5 format. Maybe on the side, copy out the password, and then take what you know to be the password before it's md5 mangled and then md5 it and see if they match. That would be the only thing i can think would be your recourse.

hope it all works out.
dangillow Newbie

dangillow

Posted
  • Author
Posted
Hi,

I double checked that my password before and after, and they are the same. The password is 'qwerty' I looked up the MD5 value in phpMyadmin and got this "d8578edf8458ce06fbc5bb76a58c5ca4" I then wrote the code below. So what else could it be? I have dropped and re-created my table and populated it, just in case it was damaged. Any ideas? Danny

[code]
<?php

$str = "qwerty";

echo md5($str);

if (md5($str) == 'd8578edf8458ce06fbc5bb76a58c5ca4')

{
echo "<br />Passwords Match!";
}

else

{
echo "<br />Passwords don't match";
}

?>
[/code]
dangillow Newbie

dangillow

Posted
  • Author
Posted
Ok I think I've found the problem. I just used echo to print out the password being passed to check_login and its different to the one stored in my database? Now how could that be? What could be causing that?

Using password 'qwerty' in mysql db is: d8578edf8458ce06fbc5bb76a58c5ca4.

When trying to login using password 'qwerty' I get this returned: d41d8cd98f00b204e9800998ecf8427e

How do I fix this?  :o





dangillow Newbie

dangillow

Posted
  • Author
Posted
Sorry for all the posts. But I just noticed that when I echo the password passed to the check_login.php regardless of the password entered the returned value is always 'd41d8cd98f00b204e9800998ecf8427e'

[code]
<?php

session_start();

$_SESSION['employee_id'] = $_POST['employee_id'];  // Use This for passing variables with session
$_SESSION['password'] = md5($_POST['password']);

// Login information

include('db_login.php');

// Connect

$connection = mysql_connect($db_host, $db_username, $db_password);

if (!$connection)
{
    die ("Could not connect to the database: <br> />". mysql_error());
}

// Select the database

$db_select=mysql_select_db($db_database);

if (!$db_select)

{
    die ("Could not select the database: <br> />". mysql_error());
}

// Execute query

$employee_id = $_POST['employee_id'];
$password = md5($_POST['password']);



$query = "SELECT * FROM employee WHERE employee_id='$employee_id' and password='$password'";

$result = mysql_query($query) or die(mysql_error());

$count=mysql_num_rows($result);

echo "<p>Password Is: $password </p>";

echo "<p>$count Rows Returned</p>";

if($count > 0)

{

$_SESSION['employee_id'] = $_POST['employee_id'];
$_SESSION['password'] = md5($_POST['password']);

header("location:welcome.php");

}

else

{

echo "Wrong Username or Password";

}

mysql_close($connection);

?>
[/code]
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.