Password's not working in Log in screen

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Jim Graziano
Forum Newbie
Posts: 1
Joined: Tue Aug 11, 2009 2:29 pm

Password's not working in Log in screen

Post by Jim Graziano »

I am having a problem with my password fields matching. Everything is installing into the database. Usernames are working great but I get an error when I put the password in the login screen. I’m not sure if anyone can tell from my code what the problem is, but any help would be appreciated. I get the incorrect password please try again error when I click login. I’m not sure how much code you all need to see. Thanks again

Code: Select all

<?php 
// Connects to your Database 
mysql_connect("my.sql.com", "me", "pass") or die(mysql_error()); 
mysql_select_db("database") or die(mysql_error()); 
 
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
 
//if there is, it logs you in and directes you to the members page
{ 
$username = $_COOKIE['ID_my_site']; 
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check )) 
{
if ($pass != $info['password']) 
{
}
else
{
header("Location: members.php");
 
}
}
}
 
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
 
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database
 
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());
 
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check )) 
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);
 
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
 
else 
{ 
 
// if login is ok then we add a cookie 
$_POST['username'] = stripslashes($_POST['username']); 
$hour = time() + 3600; 
setcookie(ID_my_site, $_POST['username'], $hour); 
setcookie(Key_my_site, $_POST['pass'], $hour); 
 
//then redirect them to the members area 
header("Location: member.php"); 
} 
} 
} 
else 
{ 
 
// if they are not logged in 
?> 
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 
<table border="0"> 
<tr><td colspan="2"><h1>Login</h1></td></tr> 
<tr><td>Username:</td><td> 
<input type="text" name="username" maxlength="40"/> 
</td></tr> 
<tr><td>Password:</td><td> 
<input type="password" name="pass" maxlength="50"/> 
</td></tr> 
<tr><td colspan="2" align="right"> 
<input type="submit" name="submit" value="Login"/> 
</td></tr> 
</table> 
</form> 
<?php 
} 
 
?> 
 
mars_rahul
Forum Newbie
Posts: 12
Joined: Thu Aug 06, 2009 12:22 am

You Made Small Mistake while Writing -->$info['Password']. C

Post by mars_rahul »

Please Try This, I am Sure This will work and if not be sure that you are using the MD5(); for password in Mysql. I check and tested.
And Try to user var_dump();. It is good another debugging tool to check particular value.

<?php
// Connects to your Database
mysql_connect("my.sql.com", "me", "pass") or die(mysql_error());
mysql_select_db("database") or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: members.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit']))
{
// if form has been submitted
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass'])
{
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc())
{
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());


//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0)
{
die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');
}

while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['Password'] = stripslashes($info['Password']);
$_POST['pass'] = md5($_POST['pass']);
//gives error if the password is wrong
if ($_POST['pass'] != $info['Password'])
{
die('Incorrect password, please try again.');
}
else
{
// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
//then redirect them to the members area
header("Location: member.php");
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan="2"><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40"/>
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50"/>
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login"/>
</td></tr>
</table>
</form>
<?php
}

?>
Post Reply