Jump to content
Sign in to follow this  
e4games

Login Error

Recommended Posts

Ok, so know when you register it submits the information into the database, but instead of putting it in what you typed it puts in random characters. If you go to login using the random characters that it set as your password it still doesn't let you login. Here are my register and login codes.

<?php  require_once 'db.php'; $page_mode = $_POST['page_mode']; # empty variable defaults to '' (or null) if ($page_mode === 'register') {   $username = mysql_real_escape_string(trim($_POST['username']));   $password = $_POST['password'];   if ($password !== $_POST['conf_password']) $error_string .= 'Password mismatch.<br>';   if ($error_string == '')   { 	$result = db_query("SELECT username FROM users WHERE username='$username';"); 	if (mysql_num_rows($result) > 0) $error_string .= 'The username is already registered.<br>'; 	else 	{ 	  $password = sha1($password); // hash password once 	  	  db_query("INSERT INTO users (username, password) VALUES ('$username', '$password');"); 	  header('Location: thankyou.php'); 	  exit(); 	}   } } ?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html>  <head>	<title>Register</title>	<style type="text/css">	.error_text {	  color: #FF0000;	  width: 400px;	  text-align: center;	}	.left_box {	  float: left;	  width: 150px;	  text-align: right;	  padding-right: 5px;	}	.right_box {	  clear: right;	}	</style>  </head>  <body>	<div class="error_text"><?php echo $error_string; ?></div>	<form action="register.php" method="post">	<input type="hidden" name="page_mode" value="register">	<div class="left_box">Username</div>	<div class="right_box"><input type="text" name="username" size="30" maxlength="255" value="<?php if (isset($username)) echo $username; ?>"></div>	<div class="left_box">Password</div>	<div class="right_box"><input type="password" name="password" size="30"></div>	<div class="left_box">Confirm Password</div>	<div class="right_box"><input type="password" name="conf_password" size="30"></div>	<div class="left_box"> </div>	<div class="right_box"><input type="submit" value="Register" size="30"></div>	</form>  </body></html>

Login Code

 <?php session_start(); $error_string = ''; # error_string is modified in db.php! require_once 'db.php'; $page_mode = $_POST['page_mode']; # empty variable defaults to '' (or null) if ($page_mode === 'login') {   $username = mysql_real_escape_string(trim($_POST['username']));   $password = $_POST['password'];   if ($username == '' || strlen($password) == 0) # password can be of spaces, which must not be trimmed! 	$error_string .= 'Please enter your username and password.<br>';   else   { 	$result = db_query("SELECT id, username, password FROM users WHERE username='$username';"); 	if (!($row = mysql_fetch_assoc($result))) 	  $error_string .= 'The username was not found.<br>'; 	else if ($row['password'] != sha1($password)) 	  $error_string .= 'The password did not match.<br>'; 	else 	{ 	  $_SESSION['user_id'] = $row['id']; 	  $_SESSION['user_name'] = $row['username']; 	  header('Location: /'); 	  exit(); 	}   } } ?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html>  <head>	<title>Register</title>	<style type="text/css">	.error_text {	  color: #FF0000;	  width: 400px;	  text-align: center;	}	.left_box {	  float: left;	  width: 150px;	  text-align: right;	  padding-right: 5px;	}	.right_box {	  clear: right;	}	</style>  </head>  <body>	<div class="error_text"><?php echo $error_string; ?></div>	<form action="login.php" method="post">	<input type="hidden" name="page_mode" value="login">	<div class="left_box">Username</div>	<div class="right_box"><input type="text" name="username" size="30" maxlength="255" value="<?php if (isset($username)) echo $username; ?>"></div>	<div class="left_box">Password</div>	<div class="right_box"><input type="password" name="password" size="30"></div>	<div class="left_box"> </div>	<div class="right_box"><input type="submit" value="Log In" size="30"></div>	</form>  </body></html>

Share this post


Link to post
Share on other sites

Use the plain-text password. The one in the DB is sha1 encrypted.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...