Jump to content

Help me with my login script please

zules

By zules
in PHP Coding Help

 Share

Recommended Posts

zules Newbie

zules

Posted
Posted

So, um, I'm pretty new to PHP and MySQL, and I request that you don't use really technical terms if you reply  :-[ Because chances are I'll ask you to clarify and that will just waste more of your time.

 

So, I coded this from scratch, and I already know it's not secure and everything, but I'm just trying to get the basic stuff to work before I work on that. Also, I know I haven't set any sessions here, but I'm just trying to get what I have to work.

 

<?php

include("config.php");

//If they're logged in, ask them if they want to log out
if($logged_in=="true") {
echo "You're already logged in! <a href=\"logout.php\">Logout?</a>";
}

//If not logged in, display the log in form
else {

//Or the process code
if($_GET['act']=='process') {

//Put what they inputted into variables
$usern = $_POST['usern'];
$pw = $_POST['pw'];

// Get the pw from that username

mysql_select_db("badges") or die(mysql_error());
$qry = mysql_query("SELECT * FROM user
WHERE username='$usern'") or die(mysql_error());


//See if they're equal
$pas = $qry['password'];

if ($pas==$pw) {
echo "Yay you're logged in!";
}
else {
echo "failed";
}

}

else {

//Log in form
echo "Here is the log in form.";
echo "<form method=\"post\" action=\"login.php?act=process\">Name: <input type=\"text\" maxlength=\"40\" name=\"usern\"><br />";
echo "Password: <input type=\"password\" maxlength=\"20\" name=\"pw\">";
echo "<input type=\"submit\" value=\"Log In\"></form>";

}

}

?>

 

Config.php sets the $logged_in variable and connects to the database.

 

If I run this script, I get the "failed" message.

 

The main problem I'm having is getting the SELECT * FROM lines to work. Because when I try and echo '$pas;', there is nothing.

 

I already echoed $usern and $pw and they are correct. It's just getting $pas to work.

 

Please forgive me for my messy coding. :(

 

Also, please don't give me a new login script to use that has a different method to it. I want to figure out why mine doesn't work, or else I won't learn anything.

 

Thanks for reading!

Link to comment
Share on other sites
tutorialstuff Member

tutorialstuff

Posted
Posted

I think you need to "fetch" the information from your query. Try

 

 

<?php

include("config.php");

//If they're logged in, ask them if they want to log out
if($logged_in=="true") {
echo "You're already logged in! <a href=\"logout.php\">Logout?</a>";
}

//If not logged in, display the log in form
else {

//Or the process code
if($_GET['act']=='process') {

//Put what they inputted into variables
$usern = $_POST['usern'];
$pw = $_POST['pw'];

// Get the pw from that username

mysql_select_db("badges") or die(mysql_error());
$qry = mysql_query("SELECT * FROM user
WHERE username='$usern'") or die(mysql_error());
while($qry_result =  mysql_fetch_assoc($qry)){	

//See if they're equal
$pas = $qry_result['password'];

if ($pas==$pw) {
echo "Yay you're logged in!";
}
else {
echo "failed";
}
}
}

else {

//Log in form
echo "Here is the log in form.";
echo "<form method=\"post\" action=\"login.php?act=process\">Name: <input type=\"text\" maxlength=\"40\" name=\"usern\"><br />";
echo "Password: <input type=\"password\" maxlength=\"20\" name=\"pw\">";
echo "<input type=\"submit\" value=\"Log In\"></form>";

}

}

?>

Link to comment
Share on other sites
phpSensei Advanced Member

phpSensei

Posted
Posted

I was supose to post this, so here

 

first of all

 

<?php

include("config.php");

//If they're logged in, ask them if they want to log out
if($logged_in=="true") {
echo "You're already logged in! <a href=\"logout.php\">Logout?</a>";
}

 

the $logged_in wont be included in your code just because you set it in config. You have to define it, like this

 

Config.php

<?php

$logged_in = 'true';
define('logged_in',$logged_in,true);
?>

 

login.php

<?php
include("config.php");

define('logged_in',true);

$logged_in = logged_in;

echo $logged_in;
?>

 

Second of all, never use the (or die..etc) when your entering the username var. It might not exist, so the php will throw an error.

 

change

 

<?php
// Get the pw from that username

mysql_select_db("badges") or die(mysql_error());
$qry = mysql_query("SELECT * FROM user WHERE username='$usern'") or die(mysql_error());

if ($pas==$pw) {
echo "Yay you're logged in!";
}
?>

 

to

 

which also, you are handling the password and username wrong. try

<?php
// Get the pw from that username

mysql_select_db("badges") or die(mysql_error());
$qry = mysql_query("SELECT username,password FROM `user` WHERE `username`='$usern' and password = '$pw'");

if (mysql_num_rows($qry)>0) {
echo "Yay you're logged in!";
}
?>

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.