Jump to content

Annoying Login Script

FlashNinja

By FlashNinja
in PHP Coding Help

 Share

Recommended Posts

FlashNinja Member

FlashNinja

Posted
Posted

I'm working on a login script for my site. My login script, for some reason, does not recognise valid and registered user details and kicks the user back to the login screen. I've been looking at my script for some time now and can't find the issue that is causing this - so fresh eyes would be a massive help. The registration script works fine and records user details correctly so that isn't the problem.

 

EDIT: Fixed my PHP quote.  :P

 

[m]<?php
include 'connect.php'; 

$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];
$tbl_name = 'usr_test';

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$myusername = trim($myusername);
$mypassword = trim($mypassword);

$hash = md5($mypassword);

$sql = "SELECT * FROM $tbl_name WHERE usr = '$myusername' AND pass = '$hash'";
$result = mysql_query($sql);

if(isset($myusername) && ($hash)) {

if($result) {

}
else{
      header("Location:homelogin.php");
  }
  
$num_rows = mysql_num_rows($result);

if($num_rows > 0){
   session_start();
   $_SESSION['login'] = "1";
   header("Location:homelogin.php");
   }
   else{
       header("Location:loginerr.php");
   }
 }
else header("Location:loginerr.php");
   
   ?>[/m]

Link to comment
Share on other sites
dcro2 Newbie

dcro2

Posted
Posted

Have you tried running the query directly on the server, with phpmyadmin for example?

SELECT * FROM usr_test WHERE usr = 'username' AND pass = MD5('password')

 

Have you done any debugging to find out if the username and password are what you expect at the end?

 

Have you checked for any mysql_errors if the query fails in your PHP script?

Link to comment
Share on other sites
FlashNinja Member

FlashNinja

Posted
  • Author
Posted

The username and password are what I expect them to be at the end. The query doesn't seem to function, even when being run through phpmyadmin.  :shrug:

 

EDIT: Actually scratch what I said, I triple checked the hashed password and during the login process it's actually adding two extra characters to the end. Anyone have an idea why this is?

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.