FlashNinja Posted April 9, 2012 Share Posted April 9, 2012 I'm working on a login script for my site. My login script, for some reason, does not recognise valid and registered user details and kicks the user back to the login screen. I've been looking at my script for some time now and can't find the issue that is causing this - so fresh eyes would be a massive help. The registration script works fine and records user details correctly so that isn't the problem. EDIT: Fixed my PHP quote. [m]<?php include 'connect.php'; $myusername = $_POST['myusername']; $mypassword = $_POST['mypassword']; $tbl_name = 'usr_test'; $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $myusername = trim($myusername); $mypassword = trim($mypassword); $hash = md5($mypassword); $sql = "SELECT * FROM $tbl_name WHERE usr = '$myusername' AND pass = '$hash'"; $result = mysql_query($sql); if(isset($myusername) && ($hash)) { if($result) { } else{ header("Location:homelogin.php"); } $num_rows = mysql_num_rows($result); if($num_rows > 0){ session_start(); $_SESSION['login'] = "1"; header("Location:homelogin.php"); } else{ header("Location:loginerr.php"); } } else header("Location:loginerr.php"); ?>[/m] Link to comment https://forums.phpfreaks.com/topic/260649-annoying-login-script/ Share on other sites More sharing options...
dcro2 Posted April 9, 2012 Share Posted April 9, 2012 Have you tried running the query directly on the server, with phpmyadmin for example? SELECT * FROM usr_test WHERE usr = 'username' AND pass = MD5('password') Have you done any debugging to find out if the username and password are what you expect at the end? Have you checked for any mysql_errors if the query fails in your PHP script? Link to comment https://forums.phpfreaks.com/topic/260649-annoying-login-script/#findComment-1335884 Share on other sites More sharing options...
FlashNinja Posted April 9, 2012 Author Share Posted April 9, 2012 The username and password are what I expect them to be at the end. The query doesn't seem to function, even when being run through phpmyadmin. EDIT: Actually scratch what I said, I triple checked the hashed password and during the login process it's actually adding two extra characters to the end. Anyone have an idea why this is? Link to comment https://forums.phpfreaks.com/topic/260649-annoying-login-script/#findComment-1335886 Share on other sites More sharing options...
FlashNinja Posted April 9, 2012 Author Share Posted April 9, 2012 Wow. It turns out this was a silly mistake with my varchar length in my user table. Well at least I've found the issue now. Link to comment https://forums.phpfreaks.com/topic/260649-annoying-login-script/#findComment-1335890 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.