Jump to content

please help me with a log in problem


littlepeg
 Share

Recommended Posts

:)Hi everybody. Would you please tell me how can I sorted out this log in problem. I typed in the right user name and password (exactly the same as the ones stored in the database), but there is an error message shows that: "The user name and password entered do not match those on file" and can not log in. Any help would be grately and appreciated.The codes as follows:<?php //login.php// Check if the form has been submitted.if (isset($_POST['submitted'])) { require_once ('snypdb.php'); // Connect to the db. $errors = array(); // Initialize error array. // Check for an user name. if (empty($_POST['user_name'])) { $errors[] = 'You forgot to enter your user name.'; } else { $un = $_POST['user_name']; } // Check for a password. if (empty($_POST['password'])) { $errors[] = 'You forgot to enter your password.'; } else { $p = $_POST['password']; } if (empty($errors)) { // If everything's OK. /* Retrieve the user_id and first_name for that user name/password combination. */ $query = "SELECT user_id, first_name FROM users WHERE user_name='$un' AND password=MD5('$p')"; $result = @mysql_query ($query); // Run the query. $row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if applicable. if ($row) { // A record was pulled from the database. // Set the session data & redirect. session_start(); $_SESSION['user_id'] = $row[0]; $_SESSION['first_name'] = $row[1]; // Redirect the user to the loggedin.php page. // Start defining the URL. $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); // Check for a trailing slash. if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) { $url = substr ($url, 0, -1); // Chop off the slash. } // Add the page. $url .= '/loggedin.php'; header("Location: $url"); exit(); // Quit the script. } else { // No record matched the query. $errors[] = 'The user name and password entered do not match those on file.'; // Public message. $errors[] = mysql_error() . 'Query: ' . $query; // Debugging message. } } // End of if (empty($errors)) IF. mysql_close(); // Close the database connection.} else { // Form has not been submitted. $errors = NULL;} // End of the main Submit conditional.if (!empty($errors)) { // Print any error messages. echo '<h1 id="mainhead">Error!</h1> <p class="error">The following error(s) occurred:'; foreach ($errors as $msg) { // Print each error. echo " - $msg\n"; } echo '</p><p>Please try again.</p>';}// Create the form.?><h2>Login</h2><form action="login.php" method="post"> <p>User Name: <input type="text" name="user_name" size="20" maxlength="40" /> </p> <p>Password: <input type="password" name="password" size="20" maxlength="20" /></p> <p><input type="submit" name="submit" value="Login" /></p> <input type="hidden" name="submitted" value="TRUE" /></form>

Link to comment
Share on other sites

Hi.. try with the following qry $query = "SELECT user_id, first_name from users where user_name='".$un."' and password='".md5($p)."'"; Regards, Vijay

Link to comment
Share on other sites

Either that Vijay gave you, or you use the MySQL-built-in md5 function (as you were going to, but placed the quots wrong

SELECT user_id, first_name FROM users WHERE user_name='$un' AND password='MD5($p)'

I moved the quots to outside the MD5() function cal, you didn't "quot" the output from MD5(), which is a string...

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...