Jump to content

Php And Mysql Issue


subha rr

Recommended Posts

Hi....Below the code for userlogin page<?phpinclude "pass.php";session_start();$user = isset($_POST['user']) ? $_POST['user'] : $_SESSION['user'];$pass = isset($_POST['pass']) ? $_POST['pass'] : $_SESSION['pass'];mysql_query("insert into login('', '$user', '$pass')");$link = mysql_connect($hostname, $username, $password);if($link){ $db = mysql_select_db("time", $link);}if(!isset($pass)){?> <form method=POST action=""> <div align=center >Enter login details</div><br> <table align = center> <tr><td>Username</td><td><input type=text name=user value=""> <tr><td>Password</td><td><input type=password name=pass value=""> <tr><td><input type=submit value="Submit"></td></tr> </table> </form><?php}$user = $_SESSION['user'];$pass = $_SESSION['pass'];$sql = "select * from login where username = '$user' and password = password('$pass')";$result2 = mysql_query($sql);include "pass.php";if($result2 == $pass){ if(isset($pass)) echo "<font>Authentication Failed</font>";}?>Error will occured.Password is wrong, cannot display authentication failed.. if not check the passwordwhat is the issue for this code...pls correct code for this pageRegardssubha

Link to comment
Share on other sites

$sql = "select * from login where username = '$user' and password = password('$pass')";--> $sql = ($dbconnection, "select * from login where username = '".$user."' and password = '".$pass."'");I'm not really sure, that's the problem, but this is how I would write it - unless there is a reason why you wrote it the other way..

Link to comment
Share on other sites

amrita's code is incorrect... think about it...This line has an error:

mysql_query("insert into login('', '$user', '$pass')");

Link to comment
Share on other sites

arent u supposed to put what u insert, in VALUES(), and after login(...the fields ?INSERT INTO login(`user`,`pass`) VALUES('$user','$pass'); --(or however ur table looks like)

Link to comment
Share on other sites

arent u supposed to put what u insert, in VALUES(), and after login(...the fields ?INSERT INTO login(`user`,`pass`) VALUES('$user','$pass'); --(or however ur table looks like)
That works as well but it's not a syntax matter, at least not at this point. The problem is that subha rr tries to recall an hashed word that actually is not hashed, simply because was not inserted as hashed.Your own is new version of the same mistake:INSERT INTO login(`user`,`pass`) VALUES('$user','$pass')should beINSERT INTO login(`user`,`pass`) VALUES('$user',password('$pass'))
Link to comment
Share on other sites

arent u supposed to put what u insert, in VALUES(), and after login(...the fields ?INSERT INTO login(`user`,`pass`) VALUES('$user','$pass'); --(or however ur table looks like)
Sorry, now I see!Yuo're right too VALUES keyword was missing.any way $pass must inserted as password('$pass') so there are two mistakes sintax and logical.the possible solutions are two:INSERT INTO login(`user`,`pass`) VALUES('$user',password('$pass'));as wellINSERT INTO login VALUES('','$user',password('$pass')); supposing the table had three columns;regards
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...