littlepeg Posted May 4, 2007 Share Posted May 4, 2007 :)Hi everybody. Would you please tell me how can I sorted out this log in problem. I typed in the right user name and password (exactly the same as the ones stored in the database), but there is an error message shows that: "The user name and password entered do not match those on file" and can not log in. Any help would be grately and appreciated.The codes as follows:<?php //login.php// Check if the form has been submitted.if (isset($_POST['submitted'])) { require_once ('snypdb.php'); // Connect to the db. $errors = array(); // Initialize error array. // Check for an user name. if (empty($_POST['user_name'])) { $errors[] = 'You forgot to enter your user name.'; } else { $un = $_POST['user_name']; } // Check for a password. if (empty($_POST['password'])) { $errors[] = 'You forgot to enter your password.'; } else { $p = $_POST['password']; } if (empty($errors)) { // If everything's OK. /* Retrieve the user_id and first_name for that user name/password combination. */ $query = "SELECT user_id, first_name FROM users WHERE user_name='$un' AND password=MD5('$p')"; $result = @mysql_query ($query); // Run the query. $row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if applicable. if ($row) { // A record was pulled from the database. // Set the session data & redirect. session_start(); $_SESSION['user_id'] = $row[0]; $_SESSION['first_name'] = $row[1]; // Redirect the user to the loggedin.php page. // Start defining the URL. $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); // Check for a trailing slash. if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) { $url = substr ($url, 0, -1); // Chop off the slash. } // Add the page. $url .= '/loggedin.php'; header("Location: $url"); exit(); // Quit the script. } else { // No record matched the query. $errors[] = 'The user name and password entered do not match those on file.'; // Public message. $errors[] = mysql_error() . 'Query: ' . $query; // Debugging message. } } // End of if (empty($errors)) IF. mysql_close(); // Close the database connection.} else { // Form has not been submitted. $errors = NULL;} // End of the main Submit conditional.if (!empty($errors)) { // Print any error messages. echo '<h1 id="mainhead">Error!</h1> <p class="error">The following error(s) occurred:'; foreach ($errors as $msg) { // Print each error. echo " - $msg\n"; } echo '</p><p>Please try again.</p>';}// Create the form.?><h2>Login</h2><form action="login.php" method="post"> <p>User Name: <input type="text" name="user_name" size="20" maxlength="40" /> </p> <p>Password: <input type="password" name="password" size="20" maxlength="20" /></p> <p><input type="submit" name="submit" value="Login" /></p> <input type="hidden" name="submitted" value="TRUE" /></form> Link to comment Share on other sites More sharing options...
vijay Posted May 5, 2007 Share Posted May 5, 2007 Hi.. try with the following qry $query = "SELECT user_id, first_name from users where user_name='".$un."' and password='".md5($p)."'"; Regards, Vijay Link to comment Share on other sites More sharing options...
Mr_CHISOL Posted May 5, 2007 Share Posted May 5, 2007 Either that Vijay gave you, or you use the MySQL-built-in md5 function (as you were going to, but placed the quots wrong SELECT user_id, first_name FROM users WHERE user_name='$un' AND password='MD5($p)' I moved the quots to outside the MD5() function cal, you didn't "quot" the output from MD5(), which is a string... Link to comment Share on other sites More sharing options...
littlepeg Posted May 5, 2007 Author Share Posted May 5, 2007 Thank you Chisol, it works now Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.