Problem with login script

PHPRegister · July 14, 2012

I have a problem with a login script I have. Here is the full code:

<?php

ob_start();
$host=
$username=
$password= 
$db_name= 
$tbl_name=


// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");


// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 


// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);


// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>

When I run the file, it tells me Wrong password message. What have I done wrong?

lordshoa · July 14, 2012

Are these variables empty on the script ?

they should be for one and removing code injection so only number letters used

 $username = ''; or 
$username = $_POST['myusername'];    
[code]

[code] $host=
$username =
$password= 
$db_name= 
$tbl_name=

These vars are empty and they do not have a code end ;

Is there a form that you post from maybe that is not correct?

PHPRegister · July 15, 2012

NO, all the variables are filled in. I have hidden them.

Nyuszer · July 15, 2012

for debugging try to print out the $sql var

PHPRegister · July 15, 2012

How? Also, there are no error messages just a Wrong password meesage.

floridaflatlander · July 15, 2012

Plug this in and see what it tells you,

$result=mysql_query($sql) or die("Error: ".mysqli_error($dbc));

where $dbc = mysql_connect("$host", "$username", "$password")or die("cannot connect");

PHPRegister · July 15, 2012

Still a wrong password message.

Pikachu2000 · July 15, 2012

That code is obviously cut and pasted from phpeasystep.com, and it uses functions that are about 10 years out of date. You would really be better off finding another learning resource; pretty much everything on that site is antiquated.

floridaflatlander · July 15, 2012

So you didn't get an error message?

I thought mysqli_query() expects 2 parameters, you have one

Try

$result=mysql_query($dbc, $sql) or die("Error: ".mysqli_error($dbc));

where $dbc = mysql_connect("$host", "$username", "$password")or die("cannot connect");

PHPRegister · July 15, 2012

Yes, I followed phpesaystep as a tutorial. Can you redirect me to somewhere better? Pikachu2000

Nyuszer · July 15, 2012

How?

just use

echo $sql;

and check that the query is ok

also make sure that the user and pass for login is the same as that is in the mysql table

for learning: http://w3schools.com/php/default.asp

bleured27 · July 15, 2012

it is an old code ..try this

<code>

<?php

$host="localhost"; // Host name

$username=""; // Mysql username

$password=""; // Mysql password

$db_name="test"; // Database name

$tbl_name="userinfo"; // Table name

// Connect to server and select databse.

mysql_connect("$host", "$username", "$password")or die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form

$myusername=$_POST['myusername'];

$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)

$myusername = stripslashes($myusername);

$mypassword = stripslashes($mypassword);

$myusername = mysql_real_escape_string($myusername);

$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";

$result=mysql_query($sql);

// Mysql_num_row is counting table row

$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"

session_register("myusername");

session_register("mypassword");

header("location:login_success.php");

}

else {

echo "Wrong Username or Password";

}

?>

</code>

PHPRegister · July 15, 2012

It says: SELECT * FROM test1 WHERE username='' and password=''Wrong Username or Password

bleured27 · July 15, 2012

this worKs for me u need to eddit tbl_name in yours AND MAKE sure u have a member

im worKing on a registration script now u can eddit it to this one when its finisched u need 1 member !!

<?php

$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="userinfo"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

bleured27 · July 15, 2012

u need login succes.php its liKe this

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>
</table>

and of coure the first 1

(eddit checKlogin in the name of the file in last post!

<table width="300" border="0" align="right" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checKlogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="password" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

PFMaBiSmAd · July 15, 2012

@bleured27, the code you are posting is also out of date and doesn't work at all on the latest php version.

Sign In

Problem with login script

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information