Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Regular Coder
    Join Date
    Aug 2004
    Posts
    111
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Problem with login info verify

    I use the following code to check the users entered against the database
    PHP Code:
        $v mysql_query("SELECT * FROM user WHERE username='" $_POST['username'] . "' AND password=md5('" $_POST['password'] . "') AND valid='1'");

        if(
    mysql_num_rows($v) == 1){
            while(
    $row mysql_fetch_assoc($v)){
                
    $_SESSION['loged'] = true;
                
    $_SESSION['id'] = $row['id'];
                
    $_SESSION['user'] = $row['username'];
                
    $_SESSION['email'] = $row['email'];

                if(
    $row['lev'] == 1){
                    
    $_SESSION['admin'] = true;
                }
                if(
    $_POST['remem'] == yes){
                    
    $passw md5($_POST['password']);
                    
    setcookie("biz_id",$row['id'], time()+60*60*24*30"/"".bizarroproductions.com");
                    
    setcookie("biz_username",  $row['username'], time()+60*60*24*30"/"".bizarroproductions.com");
                    
    setcookie("biz_password"$passwtime()+60*60*24*30"/"".bizarroproductions.com");
                    
    setcookie("biz_email"$row['email'], time()+60*60*24*30"/"".bizarroproductions.com");
                        if(
    $row['lev'] == 1){
                            
    setcookie("biz_admin"truetime()+60*60*24*30"/"".bizarroproductions.com");
                        }
                }
            }
        }else{
            echo 
    "<strong>Login Failed</strong><br /> Please try again, or check your email to make sure you have validated your account";
        } 
    but it always goes to the else statement and says that It failed but I know the username and password are sent and correct and I know that they exist in the database. Does anyone see anything wrong with my query or if I have misplaced any code because Ive looked over this a lot and have seen nothing wrong.
    Any help is appreciated, Thanks

  • #2
    Regular Coder
    Join Date
    Dec 2004
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts
    try this for the first line
    PHP Code:
    $v mysql_query("SELECT * FROM user WHERE username = '$_POST['username']' AND password = md5($_POST['password']) AND valid='1'"); 
    or you can do something like this
    PHP Code:
    $sql "SELECT * FROM user WHERE username = '$_POST['username']' AND password = md5('$_POST['password']') AND valid = '1'");
    $v mysql_query($sql); 

  • #3
    New to the CF scene
    Join Date
    Jun 2005
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I see you're passing your 'verified' value as a string:

    PHP Code:
     $v mysql_query("SELECT * FROM user WHERE username='" $_POST['username'] . "' AND password=md5('" $_POST['password'] . "') AND valid='1'"); 
    I've found if a column is an 'int' column and you pass it a string value, it will not work. You might want to try this sql statement instead (note no single quotes around the 1):

    PHP Code:
     $v mysql_query("SELECT * FROM user WHERE username='" $_POST['username'] . "' AND password=md5('" $_POST['password'] . "') AND valid=1"); 
    Hope this helps!
    Last edited by goaltender; 06-13-2005 at 02:51 AM. Reason: speelling errror
    // km
    If you don't believe that ninjas have REAL Ultimate Power you better get a life right now or they will chop your head off!!! It's an easy choice, if you ask me.

  • #4
    Regular Coder
    Join Date
    Aug 2004
    Posts
    111
    Thanks
    0
    Thanked 0 Times in 0 Posts
    turns out it wasnt the query that was wrong but my password hash from the registration that was stored in the database was different than the login one that was being checked against it and it all went back to my registration script where hashed a blank variable
    all is well, thanks for the help


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •