Jump to content

Register & Login form problem...

Hazukiy

By Hazukiy
in PHP Coding Help

 Share

Recommended Posts

Hazukiy Member

Hazukiy

Posted
Posted

Hi, I'm trying to create a Login & Register form which will create a profile for that user but I'm getting a lot of problems and I can't seem to figure out why it's not working correctly? I've created a post on the forums before about this problem but the problem was never resolved, I am new to PHP hence my noobieness. Basicly the problem at the moment is when I try to login it gives me a 'Wrong details error' which is expressed like so:

 

elseif(!mysql_num_rows($r))
{
 $errorMsg = "* Sorry, couldn't log you in. Wrong login information.";
}

 

As far as the register form goes, it works fine to my knowledge as it's adding users to the database when they register and it's encrypting their passwords by using the crypt(); function. I'll link the Login form, the register form and the dbConfig below but I'll replace any sensitive details with '-HIDDEN-' for safety. I would really appreshiate if someone could help me out on this one cause I've been stuck with this problem for quite a while now and I can't figure it out, thanks a lot :)

 

 

 

Register.php

 

<?php 
include ("dbConfig.php"); 

if ($_SERVER['REQUEST_METHOD'] == "POST") 
{
	$usernameSQL = mysql_real_escape_string($_POST['username']);
	$emailSQL = mysql_real_escape_string($_POST['email']);
	$passwordSQL = mysql_real_escape_string($_POST['password']);
	$passwordSQL = crypt('$password');
	
	$q = "INSERT INTO -HIDDEN-(username, email, password)VALUES('$usernameSQL', '$emailSQL', '$passwordSQL')";
	$r = mysql_query($q);
	header("Location: register.php?op=thanks");

}	
	
	
?>

	<form action="?op=reg" method="POST">
	Username:<br><font color="red">*</font><input class="GeneralForm" type="text" name="username" id="username" maxlength="20"><br>
	<br>
	Email:<br><font color="red">*</font><input class="GeneralForm" type="text" name="email" id="email" maxlength="50"><br>
	<br>
	Password:<br><font color="red">*</font><input class="GeneralForm" type="password" name="password" id="password" maxlength="50"><br>
	<br>
	<input type="checkbox" name="tick"><font color="gray" size="3"> I agree to the Terms of Use<br>
	<br>
	<button type="submit" name="submit" class="InputButton" value="Submit">Submit</button>
	</form>
	<br><font size="2" color="gray">* You can edit details on your profile when you login!</font>

 

 

 

Login.php

 

<?php 
session_start();
include "dbConfig.php";
	
$errorMsg = "";
	
if ($_GET["op"] == "fail") 
{ 
	$errorMsg = "* You need to be logged in to access the members area!";
}

if ($_SERVER['REQUEST_METHOD'] == "POST") 
{ 
   $username = trim($_POST["username"]);
   $password = trim($_POST["password"]);
   
   if (empty($username) || empty($password))
	{
		$errorMsg = "* You need to provide a username & password.";
	}
   else
	{
		$usernameSQL = mysql_real_escape_string($username);
		$passwordSQL = crypt('$password');
		
		$q = "SELECT id FROM -HIDDEN- WHERE username='{$usernameSQL}' AND password='{$passwordSQL}' LIMIT 1";  
	    $r = mysql_query($q) or die("Error: " . mysql_error() . "<br>Query: " . $q);
		
		if(!$r)
        {
            //Error running query
            $errorMsg = "* Wrong username or password.";
        }
        elseif(!mysql_num_rows($r))
        {
            //User not found
            $errorMsg = "* Sorry, couldn't log you in. Wrong login information.";
        }
        else
        {
            // Login good, create session variables and redirect
            $_SESSION["valid_id"] = $obj->id;
            $_SESSION["valid_user"] = $username;
            $_SESSION["valid_time"] = time();
            // Redirect to member page
            header("Location: members.php");
        }
	}	
}
?>

<form action="?op=login" method="POST">
Username:<br>
<input class="GeneralForm" type="text" name="username" id="username" maxlength="20" value="<?php echo htmlentities($usernameSQL); ?>">
<br><br>
Password:<br>
<input class="GeneralForm" type="password" name="password" id="password" maxlength="50">
<br><br>
<button type="submit" name="Submit" class="InputButton" value="Login">Login</button>
<h1 class="FailLoginState"><?php echo $errorMsg; ?></h1>
</form>

 

 

 

dbConfig.php

 <?  
    $host = "-HIDDEN-"; 
    $user = "-HIDDEN-"; 
    $pass = "-HIDDEN-"; 
    $db = "-HIDDEN-"; 

    $ms = mysql_pconnect($host, $user, $pass); 
    if ( !$ms ) 
    { 
    echo "Error connecting to database.\n"; 
    } 
    mysql_select_db($db); 
    ?>

 

Link to comment
https://forums.phpfreaks.com/topic/275749-register-login-form-problem/
Share on other sites
ignace Advanced Member

ignace

Posted
Posted (edited)

Yes. since '$password' !== "$password" assuming $password contains "foobar" the previous would print: '$password' !== "foobar"

 

More explanation about this can be found here:

http://www.php.net/manual/en/language.types.string.php#language.types.string.syntax.double

Edited by ignace
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.