Jump to content

php script bug ..pls help


dhirajkumar41

Recommended Posts

This is Login script..
I also has register script which works fine adds some fields to database including
password with just md5 encryption.
when i try to login with email and password, this script always shows incorrect password message when i 
type correct password and shows me member area when i type wrong password. 
i couldnot find any error. pls help

<?php 

// Connects to your Database 

mysql_connect("localhost", "root", "dhiraj") or die(mysql_error()); 

mysql_select_db("test") or die(mysql_error()); 




session_start();

$e_id;
$pwd;

if(!isset($_POST['submit']))
{	
?>


<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 

<table border="0"> 

<tr><td colspan=2><h1>Login</h1></td></tr> 

<tr><td>Email Id:</td><td> 

<input type="text" name="email" maxlength="60"> 

</td></tr> 

<tr><td>Password:</td><td> 

<input type="password" name="pass" maxlength="50"> 

</td></tr> 

<tr><td colspan="2" align="right"> 

<input type="submit" name="submit" value="Login"> 

</td></tr> 

</table> 

</form> 

<?php
} 
else 
{
// if form has been submitted
$_SESSION['e_id']=$_POST['email'];
$_SESSION['pwd']=$_POST['pass'];



// makes sure they filled it in

if(!$_POST['email'] | !$_POST['pass']) 
{

die('You did not fill in a required field.');

}

// checks it against the database

$check = mysql_query("SELECT * FROM users WHERE u_email = '".$_POST['email']."'")or die(mysql_error());



//Gives error if user dosen't exist

$check2 = mysql_num_rows($check);

if ($check2 == 0) 
{

unset($_SESSION['e_id']);
unset($_SESSION['pwd']);
die('That user does not exist in our database. <a href=enter.php>Click Here to Register</a>');
}

while($info = mysql_fetch_array( $check )) 

{



$_POST['pass'] = md5($_POST['pass']);



//gives error if the password is wrong

if ($_POST['pass'] != $info['u_pass'])
{

die('Incorrect password, please try again.');
//this gets executed when supply correct password.

} 
else 
{ 


//then redirect them to the members area 

header("Location: members.php"); 
//this gets executed when i supply wrong password.

} 

} 

} 
?>
Link to comment
https://forums.phpfreaks.com/topic/281538-php-script-bug-pls-help/
Share on other sites

Can we see the code to store the password in database? If you use normal form of the password when you inserting it to DB, I guess problem should be here, 

$_POST['pass'] = md5($_POST['pass']);
        
        //gives error if the password is wrong
        if ($_POST['pass'] != $info['u_pass']) {
            die('Incorrect password, please try again.');
            //this gets executed when supply correct password.
        }

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.