Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New Coder
    Join Date
    Apr 2008
    Posts
    46
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Login by mysql user and password

    I can't make it work.
    The table users has email and password fields.
    Please help me.

    Code:
    <?php
    // we must never forget to start the session
    session_start();
    $errorMessage = '';
    
    
    function dbConnect()
    {
    	global $mysql_host, $mysql_user, $mysql_pass, $mysql_db;
    	@mysql_connect(localhost, root, root) or error( mysql_error() );
    	mysql_select_db(database);
    //sets encoding to utf8
    mysql_query("SET NAMES utf8");
    }
          ob_start();
    dbConnect();
    $query="SELECT * FROM users WHERE email='$txtUserId' && password='$txtPassword'";
    $result=mysql_query($query);
    $num=mysql_num_rows($result);
    if ($num==1) {
    // the user id and password match, 
    // set the session
    $_SESSION['basic_is_logged_in'] = true;
    
    // after login we move to the main page
    header('Location: b-main.php');
    ob_end_flush();
    exit;
    } else {
    $errorMessage = 'Sorry, wrong user id / password';
    }
    
    ?>
    
    
    <html>
    <head>
    <title>Basic Login</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    </head>
    <body>
    <?php
    if ($errorMessage != '') {
    ?>
    <p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
    <?php
    }
    ?> 
    <form method="post" name="frmLogin" id="frmLogin">
    <table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
    <tr>
    <td width="150">User Id</td>
    <td><input name="txtUserId" type="text" id="txtUserId"></td>
    </tr>
    <tr>
    <td width="150">Password</td>
    <td><input name="txtPassword" type="password" id="txtPassword"></td>
    </tr>
    <tr>
    <td width="150">&nbsp;</td>
    <td><input type="submit" name="btnLogin" value="Login"></td>
    </tr>
    </table>
    </form>
    </body>
    </html>

  • #2
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,531
    Thanks
    8
    Thanked 1,091 Times in 1,082 Posts
    There could be a number of problems here.

    The first is that I don't see any $_POST used to get the variables
    from your form. This is probably because your script is really old
    and these days, "register_globals" is normally disabled. So the
    values from the form are never getting read by the script.

    Not being able to test it myself, try this and see what happens:
    PHP Code:
    <?php
    // we must never forget to start the session
    session_start();
    $errorMessage '';

    // Get form variables via POST method and sanitize any variables used in a query ...
    $txtUserId mysql_real_escape_string($_POST['txtUserID']);
    $txtPassword mysql_real_escape_string($_POST['txtPassword']);

    function 
    dbConnect()
    {
        global 
    $mysql_host$mysql_user$mysql_pass$mysql_db;
        @
    mysql_connect(localhostrootroot) or errormysql_error() );
        
    mysql_select_db(database);
    //sets encoding to utf8
    mysql_query("SET NAMES utf8");
    }
          
    ob_start();
    dbConnect();
    $query="SELECT * FROM users WHERE email='$txtUserId' && password='$txtPassword'";
    $result=mysql_query($query);
    $num=mysql_num_rows($result);
    if (
    $num==1) {
    // the user id and password match, 
    // set the session
    $_SESSION['basic_is_logged_in'] = true;

    // after login we move to the main page
    header('Location: b-main.php');
    ob_end_flush();
    exit;
    } else {
    $errorMessage 'Sorry, wrong user id / password';
    }

    ?>


    <html>
    <head>
    <title>Basic Login</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    </head>
    <body>
    <?php
    if ($errorMessage != '') {
    ?>
    <p align="center"><strong><font color="#990000"><?php echo $errorMessage?></font></strong></p>
    <?php
    }
    ?> 
    <form method="post" name="frmLogin" id="frmLogin">
    <table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
    <tr>
    <td width="150">User Id</td>
    <td><input name="txtUserId" type="text" id="txtUserId"></td>
    </tr>
    <tr>
    <td width="150">Password</td>
    <td><input name="txtPassword" type="password" id="txtPassword"></td>
    </tr>
    <tr>
    <td width="150">&nbsp;</td>
    <td><input type="submit" name="btnLogin" value="Login"></td>
    </tr>
    </table>
    </form>
    </body>
    </html>

  • #3
    New Coder
    Join Date
    Apr 2008
    Posts
    46
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I added the $_POST.
    still not working.

    Code:
    <?php
    // we must never forget to start the session
    session_start();
    $errorMessage = '';
    
    
    function dbConnect()
    {
    	global $mysql_host, $mysql_user, $mysql_pass, $mysql_db;
    	@mysql_connect( $mysql_host, $mysql_user, $mysql_pass ) or error( mysql_error() );
    	mysql_select_db( $mysql_db );
    //sets encoding to utf8
    mysql_query("SET NAMES utf8");
    }
             ob_start();
    require('paramlinks.inc.php');
    dbConnect();
    $txtUserId=$_POST['txtUserId'];
    $txtPassword=$_POST['txtPassword'];
    $query="SELECT * FROM users WHERE email='txtUserId' && password='$txtPassword'";
    $result=mysql_query($query);
    $num=mysql_num_rows($result);
    $email=$row[email];
    $password=$row[password];
    if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
    // check if the user id and password combination is correct
    if ($_POST['txtUserId'] === '$email' && $_POST['txtPassword'] === '$password') {
     ob_start();
    $_SESSION['basic_is_logged_in'] = true;
    
    // after login we move to the main page
    header('Location: b-main.php');
    ob_end_flush();
    exit;
    } else {
    $errorMessage = 'Sorry, wrong user id / password';
    }
      }
    ?>
    
    
    <html>
    <head>
    <title>Basic Login</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    </head>
    <body>
    <?php
    if ($errorMessage != '') {
    ?>
    <p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
    <?php
    }
    ?> 
    <form method="post" name="frmLogin" id="frmLogin">
    <table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
    <tr>
    <td width="150">User Id</td>
    <td><input name="txtUserId" type="text" id="txtUserId"></td>
    </tr>
    <tr>
    <td width="150">Password</td>
    <td><input name="txtPassword" type="password" id="txtPassword"></td>
    </tr>
    <tr>
    <td width="150">&nbsp;</td>
    <td><input type="submit" name="btnLogin" value="Login"></td>
    </tr>
    </table>
    </form>
    </body>
    </html>

  • #4
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,531
    Thanks
    8
    Thanked 1,091 Times in 1,082 Posts
    Start troubleshooting by inserting an echo into various parts.

    Example, after this line,
    $num=mysql_num_rows($result);

    Insert an echo and halt the program:

    $num=mysql_num_rows($result);
    echo "Number of finds: $num";
    exit;


    It will tell you what the value is, and stop the program at that place.
    If $num = 0, then you didn't find any user/pass

    Keep doing that in various places, using different variables.
    You'll eventually see where the program is not working.

  • #5
    New Coder
    Join Date
    Apr 2008
    Posts
    46
    Thanks
    1
    Thanked 0 Times in 0 Posts
    still can't get in.

  • #6
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,531
    Thanks
    8
    Thanked 1,091 Times in 1,082 Posts
    When you put this into your code, what was the result?

    echo "Number of finds: $num";
    exit;

    Did $num = 1 or 0 ?


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •