...
PDA

error with login auth

urgido
11-03-2006, 09:51 AM
I have the next code:

$link = mysql_connect('localhost', 'myusername', 'mypass' );
mysql_select_db('mydb') or die("check your info.");

$_POST['username'] = $username;
$_POST['password'] = $password;
$password = md5($password);

$consult= "SELECT * FROM users WHERE password='$password' AND username='$username'";

$result= mysql_query($consult,$link);
echo mysql_error();


// Check auth
if($username=$row['username'] && $password=$row['password']){
echo "all success";
}else{
echo "login failed";
}


For some reasons my code don't work! :( Can somebody fix this? my password are encrypted(md5). Regards
ess
11-03-2006, 11:35 AM
First of all...please correct the following statements

from

$_POST['username'] = $username;
$_POST['password'] = $password;


to

$username = $_POST['username'];
$password = $_POST['password'] ;


Second...if you haven't stored user's passwords in the database encrypted in md5...it won't work.

So...I would advise to you get the script working without using md5 first...

once you have...go back and implement md5 in your script.

Good luck

:thumbsup:
urgido
11-03-2006, 08:08 PM
implementation for md5 is made. check the footer of my message ;)

I made the changes that you say me and the problem is same.

Regards ;)
dumpfi
11-03-2006, 10:32 PM
Use mysql_fetch_assoc.

dumpfi
urgido
11-03-2006, 10:49 PM
I put the following code:


while ($fila = mysql_fetch_assoc($result)) {
//nothing
}

How I can compare the values to know if there are correct. I you remember that the username and password must coincide to be able to go to cp.php of another way errorcp.php
?

Regards
Brandoe85
11-04-2006, 04:01 AM
You could use mysql_num_rows():

$link = mysql_connect('localhost', 'myusername', 'mypass' );
mysql_select_db('mydb') or die("check your info.");

$_POST['username'] = $username;
$_POST['password'] = $password;
$password = md5($password);

$consult= "SELECT * FROM users WHERE password='$password' AND username='$username'";

$result= mysql_query($consult,$link);

if(mysql_num_rows($result) > 0)
{
// good login...do whatever
}
else
{
// login failed.
}


Ref:
http://us2.php.net/mysql_num_rows
urgido
11-04-2006, 04:06 AM
Brandoe85 THANKKKKKKKKKKKKKKKKKKKKKKKKKK YOU.

BEST REGARDS!
Brandoe85
11-04-2006, 04:11 AM
Woops, I didn't put in the other fixes for the tranposed variable names but you get the idea. Good luck :)

EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum