Problem with login script

Discussion in 'Scripts, 3rd Party Apps, and Programming' started by accoun80, Jul 15, 2012.

  1. accoun80

    accoun80 New Member

    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    I'm trying to set up a simple login system. Every time, I enter the correct credentials it tells me that they're wrong. What can I do to fix it?
    This is the full code:
    of the login form:
    PHP:
    <html>
     <
    head>
      <
    title>Login Test</title>
     </
    head>
     <
    body>
      <
    h2>Login Test</h2>
      <
    form method="post"  action="login_test/login.php">
      <
    p>Username: <input type="text" name="Username"/></p>
      <
    p>Password: <input type="password" name="Password"/></p
      <
    p><input type="submit" value="Login" /></p>
      </
    form>
     </
    body>
    </
    html>   
    ;
    of login_test/login.php:
    PHP:
    <?php

     ob_start
    ();
     
    $host="localhost"
    $username=""// Mysql username 
    $password=""// Mysql password 
    $db_name=""// Database name 
    $tbl_name=""// Table name 


    // Connect to server and select databse.
     
    mysql_connect("$host""$username""$password")or die("cannot connect"); 
     
    mysql_select_db("$db_name")or die("cannot select DB");


    // Define $myusername and $mypassword 
     
    $myusername=$_POST['myusername']; 
     
    $mypassword=$_POST['mypassword']; 


    // To protect MySQL injection (more detail about MySQL injection)
     
    $myusername stripslashes($myusername);
     
    $mypassword stripslashes($mypassword);
     
    $myusername mysql_real_escape_string($myusername);
     
    $mypassword mysql_real_escape_string($mypassword);

    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
     
    $result=mysql_query($sql);


    // Mysql_num_row is counting table row
     
    $count=mysql_num_rows($result);

    // If result matched $myusername and $mypassword, table row must be 1 row

    if($count==1){

    // Register $myusername, $mypassword and redirect to file "login_success.php"
     
    session_register("myusername");
     
    session_register("mypassword"); 
     
    header("location:status.php");
     }
     else {
     echo 
    "Wrong Username or Password";
     }

    ob_end_flush();
     
    ?>
    .
    Please help would be greatly appreciated.
     
  2. mraz

    mraz New Member

    Messages:
    95
    Likes Received:
    3
    Trophy Points:
    0
    i think your mistake is linking the submitted data on the form does not match with the validation script.

    try changing like below so that it matches with your validation script.

    My PHP is kinda rusty anyways so i'm here to learn as well..

    PHP:
      <p>Username: <input type="text" name="myusername" id="myusername"/></p>
      <
    p>Password: <input type="password" name="mypassword" id="mypassword"/></p>

    PHP:
    // Define $myusername and $mypassword 
     
    $myusername=$_POST['myusername']; 
     
    $mypassword=$_POST['mypassword'];
     
  3. misson

    misson Community Paragon Community Support

    Messages:
    2,572
    Likes Received:
    72
    Trophy Points:
    48
  4. accoun80

    accoun80 New Member

    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    Can someone give me a link for a tutorial that works. please? I have been trying different ones for ages now and not one has worked.
     
  5. essellar

    essellar Community Advocate Community Support

    Messages:
    3,295
    Likes Received:
    227
    Trophy Points:
    63
    Did you read the links misson posted? If you follow the one titled "Creating User Accounts", you'll find a link to a decent registration/login script at Github by callumacrae. Apart from the fact that it emails passwords in clear text to the user (never do that; email is too vulnerable), it's not at all bad from either a security or a code-quality standpoint. The whys and wherefores are in a couple of big long postings in that thread and in "Problem with encrypting passwords".
     
  6. misson

    misson Community Paragon Community Support

    Messages:
    2,572
    Likes Received:
    72
    Trophy Points:
    48
    About the only thing I have to add is that if you're planning on writing a login or account system for your site, stop. The only reason to write your own is for self-education, and whatever results shouldn't be used on a production site. Systems already exist that will be more secure than whatever you come up with. SSO (single sign-on) looks promising. Better still would be to use something like OpenID.
     
    Last edited: Jul 17, 2012
  7. accoun80

    accoun80 New Member

    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    I need a login system where people don't register. It will work like a network only people with login and password will be able to see it. Please someone help.
     

Share This Page