Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Regular Coder
    Join Date
    Mar 2006
    Posts
    459
    Thanks
    3
    Thanked 0 Times in 0 Posts

    Can't Connect Username/Password Error

    Hi all,

    I went through a tutorial on how to connect to the MySQL db using PHP, and I have made a login.php page, but it keeps saying 'wrong username/password' any ideas? I thought the obvious thing would be that I didin't change fields that were relative to MY database, but I think I have. Maybe there is a coding error one of you can see?

    Code:
    <?php
    // we must never forget to start the session
    session_start();
    
    $errorMessage = '';
    if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
    	include 'library/configure.php';
    	include 'library/open.php';
    	
    	$userId   = $_POST['txtUserId'];
    	$password = $_POST['txtPassword'];
    	
    	// check if the user id and password combination exist in database
    	$sql = "SELECT username 
    	        FROM tbladmin
    			WHERE username = '$userId' AND password = PASSWORD('$password')";
    	
    	$result = mysql_query($sql) or die('Query failed. ' . mysql_error()); 
    	
    	if (mysql_num_rows($result) == 1) {
    		// the user id and password match, 
    		// set the session
    		$_SESSION['db_is_logged_in'] = true;
    		
    		// after login we move to the main page
    		header('Location: main.php');
    		exit;
    	} else {
    		$errorMessage = 'Sorry, wrong user id / password';
    	}
    	
    	include 'library/closedb.php';
    }
    ?>
    <html>
    <head>
    <title>Basic Login</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    </head>
    
    <body>
    <?php
    if ($errorMessage != '') {
    ?>
    <p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
    <?php
    }
    ?>
    <form action="" method="post" name="frmLogin" id="frmLogin">
     <table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
      <tr>
       <td width="150">User Id</td>
       <td><input name="txtUserId" type="text" id="txtUserId"></td>
      </tr>
      <tr>
       <td width="150">Password</td>
       <td><input name="txtPassword" type="password" id="txtPassword"></td>
      </tr>
      <tr>
       <td width="150">&nbsp;</td>
       <td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td>
      </tr>
     </table>
    </form>
    </body>
    </html>

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Assuming the error is your own output there (not a mysql generated one), then you are connected just fine.
    Could be this:
    PASSWORD('$password')
    Unfortunatly (someone will have to confirm the version) but I believe it was version 4.5~ish of mysql they changed the value of the password encryption.
    Try storing your values using the OLD_PASSWORD() mysql function. The old password retains the 16 byte encryption, while the new is 41. Oh, I just checked as well, it was mysql version 4.1.3 that the password was changed in.

    If this is the case, you can get around the encryption using php 5 with the mysqli functions. Otherwise, use the OLD_PASSWORD() method.

    Hope this solves it for you!
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #3
    Regular Coder
    Join Date
    Mar 2006
    Posts
    459
    Thanks
    3
    Thanked 0 Times in 0 Posts
    It's wierd I made myself an admin user, and I could login no problems... In phpMyAdmin I can see my username and password. Above me is the SUPERUSER which I am trying to login with. There password is encrypted however... I found an old file which works but I don't want to use it, I want to use the new file I created, maybe I need to add something from here to my new file? Any ideas?
    Code:
    // EXTRACT USERNAME AND PASSWORD
    isset($_POST['username']) ? $strLoginName = addslashes($_POST['username']) : ($strLoginName = "");
    isset($_POST['password']) ? $strPassword = scramble(addslashes($_POST['password'])) : ($strPassword = "");
    Code:
    // SEE IF THEY EXIST IN DATABASE
    	$query = "select * from tbladministrators where username='" . $strLoginName . "' AND password='" . $strPassword . "'";
    	$query = $query . " AND dateremoved = '0000-00-00'";
    	$rs = mysql_query($query);
    	
    	if(!$rs)
    	{
    		mysql_close($dbConnection);
    		die("Failed to extract member information" . mysql_error());
    		exit();
    	}	
    	
    	if(mysql_num_rows($rs) == 0)
    	{
    		//the user cannot be found - close the database connection and redirect
    		mysql_close($dbConnection);
    		header("location:error.php?error=adminloginfailure");
    		exit();
    	}
    	
    	else
    	{
    		//the user can be found.  Authenticate and redirect
    		$_SESSION['administratorLoggedIn'] = true;
    		$_SESSION['superuser'] = mysql_result($rs,0,"superuser");
    		closeDatabase($rs, $dbConnection);
    		header("location:index.php"); 		
    	}
    }
    ?>


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •