Jump to content

Implementing an authentication in user login....


Arnold_26

Recommended Posts

Hi guys..

 

I have a little problem on my codes.

 

I've tested the connection of MySql and PHP that's fine.

 

Now my problem is the authentication of it.

 

When ever I've entered a not valid username and password it will connect to my other page.

 

Did I miss something?

 

What's seem the problem here?

Here's the code:

 

<?php

 

 

$username = $_POST['username'];

$password = $_POST['password'];

$password = trim($password);

 

if (!$username && !$password){

 

  echo 'Enter you username followed by your password';

  exit;

}

 

$mysqli = new mysqli("localhost", "my_user", "mypassword", "my_db");

 

/* check connection */

if (mysqli_connect_errno()) {

  printf("Connect failed: %s\n", mysqli_connect_error());

  exit();

}

 

 

$query = "SELECT username, password FROM users ORDER by username = '$username'

        and password = '$password' ";

 

$result = mysqli_query($mysqli, $query);

if (!$result)

{

 

  echo 'Cannot connect sorry';

  exit;

}

else

{

 

  /* fetch associative array */

  while ($row = mysqli_fetch_row($result))

 

    {

      printf ( $row[0], $row[1]);

 

  }

 

  /* free result set */

  mysqli_free_result($result);

  printf ("connection success");

}

 

$mysqli->close();

?>

 

Help!!

 

Thanks guys.

Link to comment
Share on other sites

  echo 'Cannot connect sorry';
  exit;
}
else
{

  if(mysqli_num_rows($result) == 0){
  echo "Username or password is incorrect";
  die();
  }else {
/* fetch associative array */
   while ($row = mysqli_fetch_row($result))

    {
       printf ( $row[0], $row[1]);

   }

   /* free result set */
   mysqli_free_result($result);
   printf ("connection success");
}

$mysqli->close();
?>

 

Basically what you were doing is just checking if the query would actually do what you're telling it to do. You need to see if the row actually exists in the database, using mysqli_num_rows will do the trick, if mysqli_num_rows($result) equaled 0 then the username or password was obviously incorrect. If it equaled 1 then the username and password were both correct.

Link to comment
Share on other sites

Thanks for the reply but there is another problem.

 

 

Tried it already

Show an error.

 

 

Parse error: parse error, unexpected $end in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\user_conn.php on line 61

 

The line is 61 is the </html> tag.

 

here's the code.

 

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Log In</title>

<link href="user_main.css" rel="stylesheet" type="text/css" />

<?php

$username = $_POST['username'];

$password = $_POST['password'];

$password = trim($password);

 

if (!$username && !$password){

 

  echo 'Enter you username followed by your password';

  exit;

}

 

$mysqli = new mysqli("localhost", "user", "dbpassword", "db");

 

/* check connection */

if (mysqli_connect_errno()) {

  printf("Connect failed: %s\n", mysqli_connect_error());

  exit();

}

 

$query = "SELECT username, password FROM users ORDER by username = '$username'

        and password = '$password' ";

 

$result = mysqli_query($mysqli, $query);

if (!$result)

{

  echo 'Cannot connect sorry';

  exit;

}

else

{

 

  if(mysqli_num_rows($result) == 0){

  echo "Username or password is incorrect";

  die();

  }else {

/* fetch associative array */

  while ($row = mysqli_fetch_row($result))

 

    {

      printf ( $row[0], $row[1]);

 

  }

 

  /* free result set */

  mysqli_free_result($result);

  printf ("connection success");

}

 

$mysqli->close();

?>

</head>

<body>

<center>

</center>

</body>

</html>

 

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.