Problem with login script

accoun80

New Member
Messages
24
Reaction score
0
Points
1
I'm trying to set up a simple login system. Every time, I enter the correct credentials it tells me that they're wrong. What can I do to fix it?
This is the full code:
of the login form:
PHP:
<html>
 <head>
  <title>Login Test</title>
 </head>
 <body>
  <h2>Login Test</h2>
  <form method="post"  action="login_test/login.php">
  <p>Username: <input type="text" name="Username"/></p>
  <p>Password: <input type="password" name="Password"/></p> 
  <p><input type="submit" value="Login" /></p>
  </form>
 </body>
</html>
;
of login_test/login.php:
PHP:
<?php

 ob_start();
 $host="localhost"; 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name=""; // Database name 
$tbl_name=""; // Table name 


// Connect to server and select databse.
 mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
 mysql_select_db("$db_name")or die("cannot select DB");


// Define $myusername and $mypassword 
 $myusername=$_POST['myusername']; 
 $mypassword=$_POST['mypassword']; 


// To protect MySQL injection (more detail about MySQL injection)
 $myusername = stripslashes($myusername);
 $mypassword = stripslashes($mypassword);
 $myusername = mysql_real_escape_string($myusername);
 $mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
 $result=mysql_query($sql);


// Mysql_num_row is counting table row
 $count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
 session_register("myusername");
 session_register("mypassword"); 
 header("location:status.php");
 }
 else {
 echo "Wrong Username or Password";
 }

ob_end_flush();
 ?>
.
Please help would be greatly appreciated.
 

mraz

New Member
Messages
95
Reaction score
3
Points
0
i think your mistake is linking the submitted data on the form does not match with the validation script.

try changing like below so that it matches with your validation script.

My PHP is kinda rusty anyways so i'm here to learn as well..

PHP:
  <p>Username: <input type="text" name="myusername" id="myusername"/></p>
  <p>Password: <input type="password" name="mypassword" id="mypassword"/></p>


PHP:
// Define $myusername and $mypassword 
 $myusername=$_POST['myusername']; 
 $mypassword=$_POST['mypassword'];
 

accoun80

New Member
Messages
24
Reaction score
0
Points
1
Can someone give me a link for a tutorial that works. please? I have been trying different ones for ages now and not one has worked.
 

essellar

Community Advocate
Community Support
Messages
3,295
Reaction score
227
Points
63
Did you read the links misson posted? If you follow the one titled "Creating User Accounts", you'll find a link to a decent registration/login script at Github by callumacrae. Apart from the fact that it emails passwords in clear text to the user (never do that; email is too vulnerable), it's not at all bad from either a security or a code-quality standpoint. The whys and wherefores are in a couple of big long postings in that thread and in "Problem with encrypting passwords".
 

misson

Community Paragon
Community Support
Messages
2,572
Reaction score
72
Points
48
About the only thing I have to add is that if you're planning on writing a login or account system for your site, stop. The only reason to write your own is for self-education, and whatever results shouldn't be used on a production site. Systems already exist that will be more secure than whatever you come up with. SSO (single sign-on) looks promising. Better still would be to use something like OpenID.
 
Last edited:

accoun80

New Member
Messages
24
Reaction score
0
Points
1
About the only thing I have to add is that if you're planning on writing a login or account system for your site, stop. The only reason to write your own is for self-education, and whatever results shouldn't be used on a production site. Systems already exist that will be more secure than whatever you come up with. SSO (single sign-on) looks promising. Better still would be to use something like OpenID.

I need a login system where people don't register. It will work like a network only people with login and password will be able to see it. Please someone help.
 
Top