Keep getting invalid login when i try to login

codercorey · 08-02-2012, 01:15 AM

any help on why its not letting log in would be appreciated, thanks

PHP Code:


			
<?php

// get login values & hash the password

$username = ($_POST['username']);

$password =  sha1($_POST['password']);



//  connect to the database

$conn = mysqli_connect('','', '', '') or die('connection error');



// write a sql query

$sql ="SELECT id FROM admins WHERE username = '$username' AND password = '$password'";

echo $sql;

// execute the sql and store the query result

$result = mysqli_query($conn, $sql);

// count the number of rows in the database 

$count = mysqli_num_rows($result);

echo $count;

// check the count to see the amount of matches 



if($count == 1)

{



    echo 'logged in successfully';

    // get first record from query

    $row = mysqli_fetch_array($result);



    // store the id in the session object

    session_start(); 

    $_SESSION['user_id'] = $row['id']; 



}

else

{

    echo 'Invalid Login'; 

    

}



mysqli_close($conn);



?>

BoganBum · 08-02-2012, 01:58 AM

Try removing the () like

$username = $_POST['username'];

AndrewGSW · 08-02-2012, 02:00 AM

PHP Code:


			
session_start();

the above statement must occur before any echo's/output, so place it as the first line.

PHP Code:


			
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);

or MYSQLI_BOTH, MYSQLI_NUM.

Arcticwarrio · 08-02-2012, 10:43 AM

after removing the brackets that bogan suggests
try this as your query:

HAVING instead of AND

PHP Code:


			
$sql ="SELECT id FROM admins WHERE username = '".$username."' HAVING password = '".$password."'";