Jump to content

[SOLVED] Login script won't log me in


AdRock

Recommended Posts

I have a new login script but it won't log me in using correct username and password.

 

It redisplays the form and says "there was error:" "please try again" and it should also display what the error is but it doesn't so I don't know what is wrong.

 

This is the login.php

<?php

// Include init file
include 'init.php';

if (!isset($_POST['submit']))
{
     // Show the form
     include 'login_form.inc.php';
     exit;
}
else
{
     // Try and login with the given username & pass
     $result = user_login($_POST['username'], $_POST['password']);

     if ($result != 'Correct')
     {
          // Reshow the form with the error
          $login_error = $result;
          include 'login_form.inc.php';
     }
     else
     {
          echo 'Thank you for logging in, <a href="index.php">click here</a> to go back.';
     } 
}

?>

 

This is the function that logs the user in

function user_login($username, $password)
{
     // Try and get the salt from the database using the username
     $query = "select salt from users where username='$username' limit 1";
     $result = mysql_query($query);
     $user = mysql_fetch_array($result);

     // Using the salt, encrypt the given password to see if it 
     // matches the one in the database
     $encrypted_pass = md5(md5($password).$user['salt']);

     // Try and get the user using the username & encrypted pass
     $query = "select userid, username from user where username='$username' and password='$encrypted_pass'";
     $result = mysql_query($query);
     $user = mysql_fetch_array($result);
     $numrows = mysql_num_rows($result);

     // Now encrypt the data to be stored in the session
     $encrypted_id = md5($user['userid']);
     $encrypted_name = md5($user['username']);

     // Store the data in the session
     $_SESSION['userid'] = $userid;
     $_SESSION['username'] = $username;
     $_SESSION['encrypted_id'] = $encrypted_id;
     $_SESSION['encrypted_name'] = $encrypted_name;


    if ($numrows == 1)
    {
        return 'Correct';
    }
    else
    {
        return false;
    }
}

 

and this is the login_form.inc.php file

<?php if (isset($login_error)) { ?>
There was an error: <?php echo $login_error; ?>, please try again.
<?php } ?>
<form action="login.php" method="post">

<b>Username:</b> <input type="text" size="20" maxlength="20" name="username" 
<?php if (isset($_POST['username'])) { ?> value="<?php echo $_POST['username']; ?>" <?php } ?>/><br />

<b>Password:</b> <input type="password" size="20" maxlength="10" name="password" /><br />

<input type="submit" name="submit" value="Login" />
</form>

 

Why won't it log me in even though I am using the right login details?

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.