Jump to content

[SOLVED] Login check errors problem


AdRock

Recommended Posts

I have created my login form and I am using validation to make sure that the user has entered the correct username and password before allowing them to login.

 

I query the dayabase first and depending on the result they will be logged in.

 

The problem is that it won't let me log in with valid details so I have done something wrong.

 

I think it's to do with this

    if($login_check == 0) {
$error['username'] = true; 
$error['password'] = true; 
         $print_again = true; 
        $message.="<li>Either the username and password do not match or you have not validated your membership!</li>";
    }

 

Here is the whole function that checks the form

 

function check_form() { 
    global $_POST, $error, $print_again, $username;

    $username = $_POST['username'];
    $password = $_POST['password'];

    // check if the user info validates the db 
    $sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'"); 
    $login_check = mysql_num_rows($sql);

    $error['username'] = false;

    if(empty($username)) { 
        $error['username'] = true; 
         $print_again = true; 
        $message="<li>The Username field is empty</li>"; 
    }
    else if(!ereg("^[A-Za-z0-9\-]{3,30}$",$username)) {
$error['username'] = true; 
         $print_again = true; 
        $message.="<li>Username must contain letters and numbers only</li>";
    }

    if(empty($password)) { 
        $error['password'] = true; 
         $print_again = true; 
        $message.="<li>The Password field is empty</li>"; 
    }
    else if(!ereg("^[A-Za-z0-9]{6,30}$",$password)) {
$error['password'] = true; 
         $print_again = true; 
        $message.="<li>Password must contain letters and numbers only</li>";
    } 

    if($login_check == 0) {
$error['username'] = true; 
$error['password'] = true; 
         $print_again = true; 
        $message.="<li>Either the username and password do not match or you have not validated your membership!</li>";
    }

    if($print_again) {
   	echo "<h2 class=\"errorhead\">There has been an error:</h2><p>You forgot to enter the following field(s)</p>
   	    <ul id=\"validation\">$message</ul>";
   	show_form(); 
    } else { //do the rest of the code

Link to comment
https://forums.phpfreaks.com/topic/66647-solved-login-check-errors-problem/
Share on other sites

Are your passwords encrypted in the database? You shouldn't store plain passwords.

 

Change this code:

$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'"); 
    $login_check = mysql_num_rows($sql);

To

$sql = "SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'";
$result = mysql_query($sql) OR DIE(mysql_error().' - '.$sql);
$login_check = mysql_num_rows($result);
print 'Rows: '.$login_check;
code]

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.