Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New Coder
    Join Date
    Aug 2008
    Posts
    64
    Thanks
    11
    Thanked 0 Times in 0 Posts

    Help PHP login form

    This login script is pretty good but every time i log in correctly it says "invalid username and/or password" instead of "You have successfully logged in as $user!"
    here is the code

    PHP Code:
    <?php
    session_start
    ();
    include 
    "./global.php";

    echo 
    "<title>Login</title>";
    if(
    $_SESSION['uid']) {
        echo 
    "You are already logged in if you wish to log out, please <a href=\"./logout.php\">click here</a>!\n";
    } else {

        if(!
    $_POST['submit']) {
                echo 
    "<table border=\"0\" cellspacing=\"3\" cellpadding\=\"3\">\n";
                echo 
    "<form method=\"post\" action=\"./login.php\">\n";
                echo 
    "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n";
                echo 
    "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n";
                echo 
    "<tr><td colspan=\"2\" align=\"center\"<input type=\"submit\" name=\"submit\" value =\"Login\"></td></tr>\n";
                echo 
    "</form></table>\n";
            } else {
                
    $user mss($_POST['username']);
                
    $pass $_POST['password'];
                
                    if(
    $user && pass) {
                        
    $sql "SELECT id FROM `users` WHERE `username`='".$user."'";
                        
    $res mysql_query($sql) or die(mysql_error());
                        if(
    mysql_num_rows($res) > 0) {
                            
    $sql2 "SELECT id FROM `users` WHERE `username`='".$user."' AND `password`='".md5($pass)."'";
                            
    $res2 mysql_query($sql2) or die(mysql_error());
                            if(
    mysql_num_rows($res2) > 0) {
                                
    $row mysql_fetch_assoc($res2);
                                
    $_SESSION['uid'] = $row['id'];
                                
                                echo 
    "You have succsessfully logged in as " $user;
                                
                            } else {
                                echo 
    "Username and/or password are not valid!";
                            }
                        } else {
                            echo 
    "The username you supplied does not exist!";
                        }
                    } else {
                        echo 
    "Complete the form!";
                    }
            }

    }

    ?>

  • #2
    Senior Coder shyam's Avatar
    Join Date
    Jul 2005
    Posts
    1,563
    Thanks
    2
    Thanked 163 Times in 160 Posts
    Quote Originally Posted by westes View Post
    Code:
    <?php
    ...
    				if($user && pass) {
    ...
    
    ?>
    everything looks ok except perhaps the missing $ in front of pass
    You never have to change anything you got up in the middle of the night to write. -- Saul Bellow

  • Users who have thanked shyam for this post:

    westes (08-15-2008)

  • #3
    New Coder
    Join Date
    Aug 2008
    Posts
    64
    Thanks
    11
    Thanked 0 Times in 0 Posts
    Thats a mistake but that does not help
    There has to be another mistake. look at the commets
    PHP Code:
    <?php
    session_start
    ();
    include 
    "./global.php";

    echo 
    "<title>Login</title>";
    if(
    $_SESSION['uid']) {
        echo 
    "You are already logged in if you wish to log out, please <a href=\"./logout.php\">click here</a>!\n";
    } else {

        if(!
    $_POST['submit']) {
                echo 
    "<table border=\"0\" cellspacing=\"3\" cellpadding\=\"3\">\n";
                echo 
    "<form method=\"post\" action=\"./login.php\">\n";
                echo 
    "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n";
                echo 
    "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n";
                echo 
    "<tr><td colspan=\"2\" align=\"center\"<input type=\"submit\" name=\"submit\" value =\"Login\"></td></tr>\n";
                echo 
    "</form></table>\n";
            } else {
                
    $user mss($_POST['username']);
                
    $pass $_POST['password']; //mss is function from global.php which is included in the script
                
                    
    if($user && $pass) {
                        
    $sql "SELECT id FROM `users` WHERE `username`='".$user."'";
                        
    $res mysql_query($sql) or die(mysql_error());
                        if(
    mysql_num_rows($res) > 0) {
                            
    $sql2 "SELECT id FROM `users` WHERE `username`='".$user."' AND `password`='".md5($pass)."'";
                            
    $res2 mysql_query($sql2) or die(mysql_error());
                            if(
    mysql_num_rows($res2) > 0) {
                                
    $row mysql_fetch_assoc($res2);
                                
    $_SESSION['uid'] = $row['id'];
                                
                                echo 
    "You have succsessfully logged in as " $user;
                                
                            } else {
                                echo 
    "Username and/or password are not valid!"//Im getting this instead of the echo above!
                            
    }
                        } else {
                            echo 
    "The username you supplied does not exist!";
                        }
                    } else {
                        echo 
    "Complete the form!";
                    }
            }

    }

    ?>

  • #4
    Regular Coder
    Join Date
    Jul 2010
    Location
    Sheffield
    Posts
    827
    Thanks
    93
    Thanked 18 Times in 18 Posts
    Should the function 'mss' not be on the password variable not the username?

  • #5
    Banned
    Join Date
    Feb 2011
    Posts
    2,699
    Thanks
    13
    Thanked 395 Times in 395 Posts
    Quote Originally Posted by westes View Post
    This login script is pretty good.....
    If it's pretty good then how come it's not working?

    Some Basic Debugging 101 should help you find the problem pretty quickly.
    Last edited by bullant; 07-13-2011 at 11:21 AM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •