MD5 Login

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
brmcdani44
Forum Commoner
Posts: 26
Joined: Fri Oct 08, 2010 3:52 pm

MD5 Login

Post by brmcdani44 »

I have developed a login system that utilizes md5 password protection before but for some reason I am having trouble getting this one to check out. I may be having a bad day of coding or something I don't know!

Anyways here is some code I would like to get someone to take a second look at. Thanks in advance!

Code: Select all

<?php
session_start();
include('dbconn.php');
// User is already logged in, they don't need to se this page.
if(isset($_SESSION['username'])){
header("Location:index.php");
exit();
}
if(isset($_POST['login'])){
$email = $_POST['email'];
$password = $_POST['password'];
//check that the user is calling the page from the login form and not accessing it directly
//and redirect back to the login form if necessary
if (!isset($username) || !isset($password)){
header("Location:login.php");
}
//check that the form fields are not empty, and redirect back to the login page if they are
elseif (empty($username) || empty($password)){
header("Location:login.php");
}else{
$user=mysql_real_escape_string($_POST['email']);
$pass=mysql_real_escape_string(md5($_POST['password']));
$sql = "SELECT * FROM users WHERE email='$user' AND password='$pass'";
$result = mysql_query($sql);
//check that at least one row was returned
$rowCheck = mysql_num_rows($result);
if($rowCheck > 0){
while($row = mysql_fetch_array($result)){
//start the session and register a variable
session_start();
session_register('username');
//successful login code will go here...
header( "Location: index.php");
exit();
}
}else{
//if nothing is returned by the query, unsuccessful login code goes here...
$error = '<div class="error_message">Incorrect username or password. Please try again.</div>';
}
}
}
include('header.php');
?>
<h3>Login2</h3>
<?php echo $error;?>
<form method="POST" action="">
<label>Email</label><input type="text" name="email" size="20">
<br />
<label>Password</label><input type="password" name="password" size="20">
<br />
<input type="submit" value="Submit" name="login">
</form>
<?php include('footer.php');?>
Last edited by brmcdani44 on Wed Nov 24, 2010 1:58 pm, edited 1 time in total.
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Re: MD5 Login

Post by pickle »

What in particular isn't working? Some code indentation would really make it more clear. Also, don't use addslashes() on the username, user mysql_real_escape_string().
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
brmcdani44
Forum Commoner
Posts: 26
Joined: Fri Oct 08, 2010 3:52 pm

Re: MD5 Login

Post by brmcdani44 »

It will just not allow the user to login and it throws my custom error message. The password is inserted into the database in md5 format.
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Re: MD5 Login

Post by pickle »

Throw in some echo statements & see where exactly it's failing.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
Post Reply