Jump to content

Login Page Does Not Work Php and Mysql

Somers95

By Somers95
in PHP Coding Help

 Share

Recommended Posts

Somers95 Newbie

Somers95

Posted
Posted

Hello, I was making a login page with PHP and Mysql and have managed to debug all the errors, but the page says 'Wrong Username or Password' even though i have typed in the right password from the table. 

 

I was wondering if anyone could help me. 

Thanks 

 

I have 4 php files:

main_login.php

check_login.php

login_success.php

logout.php 

 

Here is all the code: 

 

main_login.php:

<table>
	<tr>
		<form name="form1" method="post" action="check_login.php">
			<td>
				<table>
					<tr>
						<td><strong>Login form: </strong></td>
					</tr>
					
					<tr>
						<td>UserName</td>
						<td>:</td>
						<td><input name="myusername" type="text" id="myusername"/></td>
						
					</tr>
					<tr>
						<td>Password</td>
						<td>:</td>
						<td><input name="mypassword" type="text" id="mypassword"/>
							
						</td>
					</tr>
					<tr>
						<td> </td>
						<td> </td>
						<td><input type="Submit" name="Submit" value="Login"/></td>
					</tr>
						
				</table>
			</td>
		</form>
	</tr>
</table>



<?php


?>

 

check_login.php:

<?php
$host = "localhost"; 
$Username = "christopher";
$Password = "password";
$db_name = "test_db";
$tbl_name = "test";

	//CONNECT TO SERVER 
	mysql_connect("$host", "$Username", "$Password") or die("CANNOT CONNECT");
	mysql_select_db("$db_name") or die("CANNOT SELECT DB");
	
	//USERNAME AND PASSWORD FROM FORM
	$myusername=$_POST['myusername'];
	$mypassword=$_POST['mypassword'];
	
	//SECURITY PROTECTION
	$myusername = stripslashes($myusername);
	$mypassword = stripslashes($mypassword);
	$myusername = mysql_real_escape_string($myusername);
	$mypassword = mysql_real_escape_string($mypassword);
	
	$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
	 $result = mysql_query($sql);
	
	 $count = mysql_num_rows($result);
	$count = 1; 
	if($count == 1){
		session_register("myusername");
		session_register("mypassword");
		header("Location: http://localhost/login/2/login_success.php/");
		
	}	else {
		echo "Wrong Username Or Password";
	}
	
?>

login_success.php

<?php
	session_start();
	echo "login successful..";
	if(!session_is_registered(myusername)){
		header("location:main_login.php");
	}
?>

<html>
<body>
	LOGIN SUCCESSFUL
</body>
</html>

logout.php:

<?php 
session_start();
session_destroy();
?>

check_login.php

login_success.php

logout.php

main_login.php

Link to comment
Share on other sites
Ch0cu3r Newbie

Ch0cu3r

Posted
Posted

session__register and session_is_registered are depercated. Do not use them.

 

You use the $_SESSION variable adding data to the session. You use this variable like another variable.

 

So when setting the myusername and mypassword session items you use

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;

To get the myusername and mypassword from the session use the $_SESSION['myusername'] and $_SESSION['mypassword'] variables, example

echo 'myusername is: ' . $_SESSION['myusername'] . '<br />';
echo 'mypassword is: ' . $_SESSION['mypassword'];
Link to comment
Share on other sites
Somers95 Newbie

Somers95

Posted
  • Author
Posted

Yeah sorry i put $Count = 1 to just see if the it would login, providing the value was equal to 1. sorry about that confusion.

<?php
$host = "localhost"; 
$Username = "christopher";
$Password = "password";
$db_name = "test_db";
$tbl_name = "test";

	//CONNECT TO SERVER 
	mysql_connect("$host", "$Username", "$Password") or die("CANNOT CONNECT");
	mysql_select_db("$db_name") or die("CANNOT SELECT DB");
	
	//USERNAME AND PASSWORD FROM FORM
	$myusername=$_POST['myusername'];
	$mypassword=$_POST['mypassword'];
	
	//SECURITY PROTECTION
	$myusername = stripslashes($myusername);
	$mypassword = stripslashes($mypassword);
	$myusername = mysql_real_escape_string($myusername);
	$mypassword = mysql_real_escape_string($mypassword);
	
	$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
	 $result = mysql_query($sql);
	
	 $count = mysql_num_rows($result);
	
	if($count == 1){
		session_register("myusername");
		session_register("mypassword");
		header("Location: http://localhost/login/2/login_success.php/");
		
	}	else {
		echo "Wrong Username Or Password";
	}
	
?> 
Link to comment
Share on other sites
Jayden_Blade Member

Jayden_Blade

Posted
Posted

First Listen to Ch0cu3r...

 

session__register and session_is_registered are depercated. Do not use them.

 

You use the $_SESSION variable adding data to the session. You use this variable like another variable.

 

So when setting the myusername and mypassword session items you use

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;

To get the myusername and mypassword from the session use the $_SESSION['myusername'] and $_SESSION['mypassword'] variables, example

echo 'myusername is: ' . $_SESSION['myusername'] . '<br />';
echo 'mypassword is: ' . $_SESSION['mypassword'];

2nd Verify myusername is correct in spelling and capitalization. Verify mypassword is correct in spelling and capitalization.

Link to comment
Share on other sites
davidannis Regular Member

davidannis

Posted
Posted (edited)

I believe that you should change

header("location:main_login.php");

to

header("Location: main_login.php");

Notice the capital L and the space after the colon. To be technically correct you should also use an absolute URL.

Edited by davidannis
Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted

the code you found on the Internet is so old and out of date that it won't even run under the latest php version. it also has a number of deficiencies, such as the login_success code won't prevent someone from accessing the protected page.

 

you would be better off just writing your own login code from scratch, rather than to copy/paste something you found on the Internet.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.