Jump to content

[SOLVED] login not working for unknown reason

quickstopman

By quickstopman
in PHP Coding Help

 Share

Recommended Posts

quickstopman Regular Member

quickstopman

Posted
Posted

hi guys i have a login script and some some odd reason it won't log anyone

i always get this "You couldn't be logged in!"

any got any ideas?

<?php
session_start();
include'header.php';
include'config.php';
?>
<div style="background:url(inner_top.png); width:650px; height:45px;">
</div>
<div style="background:#ffffff; width:630px; color:#222222; font-size:14px; padding-top:10px; padding:10px; padding-bottom:0px;">
<?
$submit=$_POST['login'];
$username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username'])));
$password = md5($_POST['password']);
//if submit button is pressed
if ($submit){
if((!$username) || (!$password) || ($username=='') || ($password=='')){
echo'<center>Please enter both - username and password!</center>';        
}
$sql=mysql_query("SELECT * FROM `users` WHERE `email` = '".$username."' AND `password`= '".$password."'") OR die(mysql_error());
$c=mysql_num_rows($sql);
if($c>0){
$r=mysql_fetch_array($sql);
$_SESSION['id'] = $r['id'];
$_SESSION['username'] = $r['username'];
header("Refresh: 2; url=home.php");
//else, if there werent any records found show an error and 
//return the user to index.
}else{
echo "<center>You couldn't be logged in!</center>";
}
}
?>
<form action="login.php" method='POST'>
E-Mail: <input type='text' name='username'><br>
Password: <input type='password' name='password'><br>
<input name="login" type="submit" value="Submit"><br>
Not <a href="register.php">registered</a>?
</form>
</div>
<div style="background:url(inner_bottom.png); margin-top:-14px; width:650px; height:45px;">
</div>
<?
include'footer.php';
?>

Link to comment
Share on other sites
CMC Member

CMC

Posted
Posted

Maybe it's the following:

$sql=mysql_query("SELECT * FROM `users` WHERE `email` = '".$username."' AND `password`= '".$password."'") OR die(mysql_error());

 

In that query you specified the email to be check against for the username, but when your assigning session variables you use the row username.

$_SESSION['username'] = $r['username'];

Link to comment
Share on other sites
quickstopman Regular Member

quickstopman

Posted
  • Author
Posted

bump

and also here is the updated code:

<?php
session_start();
include'header.php';
include'config.php';
?>
<div style="background:url(inner_top.png); width:650px; height:45px;">
</div>
<div style="background:#ffffff; width:630px; color:#222222; font-size:14px; padding-top:10px; padding:10px; padding-bottom:0px;">
<font color="red">
<?php
$submit=$_POST['login'];
$username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username'])));
$password = md5($_POST['password']);
//if submit button is pressed
if ($submit){
if((!$username) || (!$password) || ($username=='') || ($password=='')){
echo'<center>Please enter both - username and password!</center>';        
}
$sql=mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password`= '".$password."'") OR die(mysql_error());
$c=mysql_num_rows($sql);
if($c>0){
$r=mysql_fetch_array($sql);
$_SESSION['id'] = $r['id'];
$_SESSION['username'] = $r['username'];
header("Refresh: 2; url=home.php");
//else, if there werent any records found show an error and 
//return the user to index.
}else{
echo "<center>You couldn't be logged in!</center>";
}
}
?>
</font>
<form action="login.php" method='POST'>
Username: <input type='text' name='username' value="<? echo $_POST['username'] ?>"><br>
Password: <input type='password' name='password'><br>
<input name="login" type="submit" value="Submit"><br>
Not <a href="register.php">registered</a>?
</form>
</div>
<div style="background:url(inner_bottom.png); margin-top:-14px; width:650px; height:45px;">
</div>
<?php
include'footer.php';
?>

Link to comment
Share on other sites
teng84 Member

teng84

Posted
Posted 

<?php
session_start();
include'header.php';
include'config.php';
?>
<div style="background:url(inner_top.png); width:650px; height:45px;">
</div>
<div style="background:#ffffff; width:630px; color:#222222; font-size:14px; padding-top:10px; padding:10px; padding-bottom:0px;">
<font color="red">
<?php
$username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username'])));
$password = md5($_POST['password']);
if (isset($_POST['login'])){
if (!isset($username) || !isset($password))){
	echo'<center>Please enter both - username and password!</center>';        
}else{
	$sql=mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password`= '".$password."'") OR die(mysql_error());
	$c=mysql_num_rows($sql);
	if($c>0){
		$r=mysql_fetch_array($sql);
		$_SESSION['id'] = $r['id'];
		$_SESSION['username'] = $r['username'];
		header("Refresh: 2; url=home.php"); // what is this thing for? 
	}else{
		echo "<center>You couldn't be logged in!</center>";
	}

}
}
?>
</font>
<form action="login.php" method='POST'>
Username: <input type='text' name='username' value="<? echo $_POST['username'] ?>"><br>
Password: <input type='password' name='password'><br>
<input name="login" type="submit" value="Submit"><br>
Not <a href="register.php">registered</a>?
</form>
</div>
<div style="background:url(inner_bottom.png); margin-top:-14px; width:650px; height:45px;">
</div>
<?php
include'footer.php';
?>

 

i tried to format your codes try

Link to comment
Share on other sites
teng84 Member

teng84

Posted
Posted 

<?php
session_start();
include'header.php';
include'config.php';
?>
<div style="background:url(inner_top.png); width:650px; height:45px;">
</div>
<div style="background:#ffffff; width:630px; color:#222222; font-size:14px; padding-top:10px; padding:10px; padding-bottom:0px;">
<font color="red">
<?php
$username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username'])));
$password = md5($_POST['password']);
if (isset($_POST['login'])){
if (!isset($username) || !isset($password))){
	echo'<center>Please enter both - username and password!</center>';        
}else{
	$sql=mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password`= '".$password."'") OR die(mysql_error());
	print_r(mysql_fetch_assoc($sql));
	echo 'look here';
	$c=mysql_num_rows($sql);
	if($c>0){
		$r=mysql_fetch_array($sql);
		$_SESSION['id'] = $r['id'];
		$_SESSION['username'] = $r['username'];
		//header("Refresh: 2; url=home.php"); // what is this thing for? 
		header("location: home.php"); // what is this thing for? 
	}else{
		echo "<center>You couldn't be logged in!</center>";
	}

}
}
?>
</font>
<form action="login.php" method='POST'>
Username: <input type='text' name='username' value="<? echo $_POST['username'] ?>"><br>
Password: <input type='password' name='password'><br>
<input name="login" type="submit" value="Submit"><br>
Not <a href="register.php">registered</a>?
</form>
</div>
<div style="background:url(inner_bottom.png); margin-top:-14px; width:650px; height:45px;">
</div>
<?php
include'footer.php';
?>

 

try that and tell me what happen.. can i see the link of your this page?

Link to comment
Share on other sites
teng84 Member

teng84

Posted
Posted

i see. hmm i guess you query found zero result try to remove the where clause to check if the codes i gave you works.

<?php
session_start();
include'header.php';
include'config.php';
?>
<div style="background:url(inner_top.png); width:650px; height:45px;">
</div>
<div style="background:#ffffff; width:630px; color:#222222; font-size:14px; padding-top:10px; padding:10px; padding-bottom:0px;">
<font color="red">
<?php
$username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username'])));
$password = md5($_POST['password']);
if (isset($_POST['login'])){
if (!isset($username) || !isset($password))){
	echo'<center>Please enter both - username and password!</center>';        
}else{
	//$sql=mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password`= '".$password."'") OR die(mysql_error());
	$sql=mysql_query("SELECT * FROM `users`") OR die(mysql_error());

	print_r(mysql_fetch_assoc($sql));
	echo 'look here';
	$c=mysql_num_rows($sql);
	if($c>0){
		$r=mysql_fetch_array($sql);
		$_SESSION['id'] = $r['id'];
		$_SESSION['username'] = $r['username'];
		header("Refresh: 2; url=home.php"); // what is this thing for? 
	//	header("location: home.php"); // what is this thing for? 
	}else{
		echo "<center>You couldn't be logged in!</center>";
	}

}
}
?>
</font>
<form action="login.php" method='POST'>
Username: <input type='text' name='username' value="<? echo $_POST['username'] ?>"><br>
Password: <input type='password' name='password'><br>
<input name="login" type="submit" value="Submit"><br>
Not <a href="register.php">registered</a>?
</form>
</div>
<div style="background:url(inner_bottom.png); margin-top:-14px; width:650px; height:45px;">
</div>
<?php
include'footer.php';
?>

try

Link to comment
Share on other sites
Northern Flame Advanced Member

Northern Flame

Posted
Posted

try this:

 

<?php
session_start();
include'header.php';
include'config.php';
?>
<div style="background:url(inner_top.png); width:650px; height:45px;">
</div>
<div style="background:#ffffff; width:630px; color:#222222; font-size:14px; padding-top:10px; padding:10px; padding-bottom:0px;">
<font color="red">
<?php
$username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username'])));
$password = md5($_POST['password']);
if (isset($_POST['login'])){
if (!isset($username) || !isset($password))){
	echo'<center>Please enter both - username and password!</center>';        
}else{
	$sql = mysql_query("SELECT * FROM `users` WHERE `username` = '$username' && `password`= '$password'") OR die(mysql_error());
	print_r(mysql_fetch_assoc($sql));
	echo 'look here';
	$c = mysql_num_rows($sql);
	if($c == 1){
		$r=mysql_fetch_array($sql);
		$_SESSION['id'] = $r['id'];
		$_SESSION['username'] = $r['username'];
		//header("Refresh: 2; url=home.php"); // what is this thing for? 
		header("location: home.php"); // what is this thing for? 
	}else{
		echo "<center>You couldn't be logged in!</center>";
	}

}
}
?>
</font>
<form action="login.php" method='POST'>
Username: <input type='text' name='username' value="<? echo $_POST['username'] ?>"><br>
Password: <input type='password' name='password'><br>
<input name="login" type="submit" value="Submit"><br>
Not <a href="register.php">registered</a>?
</form>
</div>
<div style="background:url(inner_bottom.png); margin-top:-14px; width:650px; height:45px;">
</div>
<?php
include'footer.php';
?>

Link to comment
Share on other sites
Northern Flame Advanced Member

Northern Flame

Posted
Posted

alright,

here try this so we can see what is the field that is giving us trouble

 

<?php
session_start();
include'header.php';
include'config.php';
?>
<div style="background:url(inner_top.png); width:650px; height:45px;">
</div>
<div style="background:#ffffff; width:630px; color:#222222; font-size:14px; padding-top:10px; padding:10px; padding-bottom:0px;">
<font color="red">
<?php
$username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username'])));
$password = md5($_POST['password']);
if (isset($_POST['login'])){
if (!isset($username) || !isset($password))){
	echo'<center>Please enter both - username and password!</center>';        
}else{
	$sql = mysql_query("SELECT * FROM `users` WHERE `username` = '$username'")or die(mysql_error());
	print_r(mysql_fetch_assoc($sql));
	echo 'look here';
	$c = mysql_num_rows($sql);
	if($c == 1){
		echo "username $username found!";
		$p_sql = mysql_query("SELECT * FROM `users` WHERE `username`='$username' && `password`='$password'")or die(mysql_error());
		$p_check = mysql_num_rows($p_sql);
		if($p_check == 1){
		$r=mysql_fetch_array($sql);
		$_SESSION['id'] = $r['id'];
		$_SESSION['username'] = $r['username'];
		//header("Refresh: 2; url=home.php"); // what is this thing for? 
		header("location: home.php"); // what is this thing for? 
		} else{
		echo 'Incorrect password!';
		}
	}else{
		echo "<center>Invalid Username!</center>";
	}

}
}
?>
</font>
<form action="login.php" method='POST'>
Username: <input type='text' name='username' value="<? echo $_POST['username'] ?>"><br>
Password: <input type='password' name='password'><br>
<input name="login" type="submit" value="Submit"><br>
Not <a href="register.php">registered</a>?
</form>
</div>
<div style="background:url(inner_bottom.png); margin-top:-14px; width:650px; height:45px;">
</div>
<?php
include'footer.php';
?>

This will let us know if the username or password is invalid

Link to comment
Share on other sites
quickstopman Regular Member

quickstopman

Posted
  • Author
Posted

ok

well Northern Flame i used your code

and i edited it a little bit

 

here it is:

<?php
session_start();
include'header.php';
include'config.php';
?>
<div style="background:url(inner_top.png); width:650px; height:45px;">
</div>
<div style="background:#ffffff; width:630px; color:#222222; font-size:14px; padding-top:10px; padding:10px; padding-bottom:0px;">
<font color="red">
<?php
$username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username'])));
$password = md5($_POST['password']);
if (isset($_POST['login'])){
if (!isset($username) || !isset($password)){
	echo'<center>Please enter both - username and password!</center>';        
}else{
	$sql = mysql_query("SELECT * FROM `users` WHERE `username` = '$username'")or die(mysql_error());
	$c = mysql_num_rows($sql);
	if($c == 1){
		$p_sql = mysql_query("SELECT * FROM `users` WHERE `username`= '$username' AND `password`='$password'")or die(mysql_error());
		$p_check = mysql_num_rows($p_sql);
		if($p_check == 1){
		$r=mysql_fetch_array($sql);
		$_SESSION['id'] = $r['id'];
		$_SESSION['username'] = $r['username'];
		//header("Refresh: 2; url=home.php"); // what is this thing for? 
		header("location: home.php"); // what is this thing for? 
		} else{
		echo 'Incorrect password!';
		}
	}else{
		echo "<center>Invalid Username!</center>";
	}

}
}
?>
</font>
<form action="login.php" method='POST'>
Username: <input type='text' name='username' value="<? echo $_POST['username'] ?>"><br>
Password: <input type='password' name='password'><br>
<input name="login" type="submit" value="Submit"><br>
Not <a href="register.php">registered</a>?
</form>
</div>
<div style="background:url(inner_bottom.png); margin-top:-14px; width:650px; height:45px;">
</div>
<?php
include'footer.php';
?>

there is still one problem it always says i have the wrong password

Link to comment
Share on other sites
teng84 Member

teng84

Posted
Posted

maybe your not really getting results form your db using that username and password like i told you print out the results of your query to check. maybe your getting 00 results that is why you always get that massage.. you have to determine if your query searches something

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.