Jump to content

One last error, hopefully this is it


Recommended Posts

For some reason, it always says that the password is incorrect. I have looked at everything, so I'm hoping that someone can help me <? //This function will find and checks if your data is correct //Collect your info from login form $username = $_REQUEST['username']; $password = $_REQUEST['password']; //Connecting to database $connect = mysql_connect("myhost", "myuser", "mypass"); if(!$connect){ die(mysql_error()); } //Selecting database $select_db = mysql_select_db("mydatabase", $connect); if(!$select_db){ die(mysql_error()); } //Find if entered data is correct $result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'"); $row = mysql_fetch_array($result); $id = $row['id']; $select_user = mysql_query("SELECT * FROM users WHERE id='$id'"); $row2 = mysql_fetch_array($select_user); $user = $row2['username']; if($username != $user){ die("Username is wrong!"); } $pass_check = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id'"); $row3 = mysql_fetch_array($pass_check); $email = $row3['email']; $select_pass = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id' AND email='$email'"); $row4 = mysql_fetch_array($select_pass); $real_password = $row4['password']; if($password != $real_password){ die("Your password is wrong!"); } //Now if everything is correct let's finish his/her/its login session_register("username", $username); session_register("password", $password); echo "Welcome, ".$username." please continue on our <a href=index.php>Index</a>"; ?>

Link to post
Share on other sites
<?PHP@session_start();//This function will find and checks if your data is correct//Collect your info from login form if (isset($_REQUEST['logout']))unset($_SESSION["username"]);//Show Logout Buttonif (isset($_SESSION["username"]))echo '<form method="post" name="logoutform" action=""> Username: '.$_SESSION["username"].' <input  value="logout" name="logout" type="submit"><br></form>';//Show Login Formelseif (!(isset($_POST['username'])&&isset($_POST['password']))){echo '<b>Login Form</b><br/><form method="post" name="loginform" action="">  User Name:<input  name="username"><br>   User Password:<input name="password" type="password"><br><input  value="Login" name="submit" type="submit"><br></form>';}else{		 $username = $_POST['username'];		 $password = $_POST['password'];		 //Connecting to database		  $connect = mysql_connect("myhost", "myuser", "mypass");		  		 if(!$connect){		 die(mysql_error());		 }		 //Selecting database		 $select_db = mysql_select_db("mydatabase", $connect);		 if(!$select_db){		 die(mysql_error());		 } 		 //check username		 $result = mysql_query("SELECT * FROM users WHERE username='$username'");		 $row = mysql_fetch_array($result);		 $user = $row['username'];		 if($username != $user){		  die('Username is wrong! <br/><a href="">Try again</a>');		 }		 else		 $select_pass = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");		 while($row4 = mysql_fetch_array($select_pass))		 {		  $_SESSION["username"] = $_POST["username"];		 } 		 if (isset($_SESSION["username"] ))		 echo 'Welcome, '.$_SESSION["username"].' please continue on our <a href="index.php">Index</a>';		 else		 die('Your password is wrong! <br/><a href="">Try again</a>');			   }?>

Edited by kanchatchai
Link to post
Share on other sites

Why are you sending 4 database queries to check a username and password? When they enter their username and password you send 1 query to get the entire record for that username. Not the username plus the password, or the username plus an ID, or the username plus an ID and an email, just the username. Look up the record with the username that they typed in. If it doesn't exist, show an error that the username wasn't found. Otherwise, compare the password they entered with the password in the database record you got. If that doesn't match, show an error that the password is wrong. Or else, set your session variables and do whatever else. There's an example of that kind of thing here: http://w3schools.invisionzone.com/index.php?showtopic=12509

  • Like 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...