i dont know
Posted: Thu Feb 23, 2012 10:21 am
hello, i made a login form and a register form, the registration works fine, it inserts all i need in my databse but the login wont work at all, i really dont know what to do with it, can someone please help me out?
Code: Select all
<html>
<head>
<title>Origin</title>
<link href='http://fonts.googleapis.com/css?family=Frijole' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="main">
<h1 class="origin">Origin</h1>
<form action="index.php" method="POST">
<div class="center_login">
<ul id="login">
<li>
<label for="username">Username</lable>
<input id="name" name="username"/>
</li>
<li>
<label for="password">Password</lable>
<input type="password" name= "password"/>
</li>
<li>
<input type="submit" name="submit" value="Login">
</li>
</ul>
</div>
</div>
<?php
function protect($x)
{
$x = mysql_real_escape_string(trim($x));
return $x;
}
$username = protect(strtolower(strip_tags($_POST['username'])));
$password = protect(strip_tags($_POST['password']));
$salt = md5($password);
$hash=sha1( "z1w29y7" . md5("9a72cd" . md5("Password" . "$salt"), "b1afb43") . "a982efa1" . md5("$salt") );
if($username && $password)
{
$connect= mysql_connect ("localhost","root","");
mysql_select_db ("origin");
$query= mysql_query("SELECT * FROM users WHERE username='$username'");
$num_rows= mysql_num_rows($query);
if($num_rows!=0)
{
while($row=mysql_fetch_assoc($query))
{
$dbusername= $row['username'];
$dbpassword= $row['password'];
}
if(strtolower($username)==$dbusername&&$hash==$dbpassword)
{
echo "<meta http-equiv='refresh' content='0;url=main.php'>";
$_SESSION['username']=$dbusername;
}
else
echo "incorect password ";
}
else
{
die("that user does not exist");
}
}
?>
</body>
</html>