1,105,380 Community Members

php login from can't log in

Member Avatar
ms061210
Light Poster
31 posts since Sep 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 3 [?]
 
0
 

Hello guys, Please take a look at my code, coz I don't know why I cant login here in my log in form.By the way, my database is working, so the problem is in the code. looking forward for your help guys,

here is my code:

<?php
    session_start();
    include("config.php");
?>  

<html>
<head>

    <title>LOG IN</title>
<style>

body {
            background: url('login.png') no-repeat scroll;
            background-size: 100% 100%;
            min-height: 500px;
        }


div.user{
   position:fixed;
   bottom:135px;
   height:90px;
   left:700px;
}

div.pass{
   position:fixed;
   bottom:20px;
   height:90px;
   left:700px;
}

</style>

</head>
<body autocomplete="off" >

<audio autoplay loop>
      <source src="bgsound.ogg">
      <source src="bgsound.mp3">
  </audio>

  <div class="user">
  <br>
  <br>
  <form method='post' action='login1.php'>
  <input type="text" name="player_name" style="height:30px;"> <br>
  </div>
  <div class="pass">
  <input type="password" name="password" style="height:30px;">
  <br> <br>

 &nbsp;&nbsp; <input type="submit" name="login" value="Login" > &nbsp;&nbsp;
 <a href="reg.php"><input type="button" name="register" value="Sign Up" ></a>

 </div>
  </form>
  </div>


</body>
</html>

<?php
    if(isset($_REQUEST["login"])){
        $player_name = $_REQUEST["player_name"];
        $password = $_REQUEST["password"];

        $query_checkuser = "SELECT player_name FROM player
                            WHERE player_name = '$player_name'";

        $result_checkuser = pq_query($query_checkuser);

            if(pg_num_rows($result_checkuser) >= 1 ){
            $query_checkpswd = "SELECT password FROM player
                          WHERE player_name = '$player_name'";

            $result_checkpswd = pg_query($query_checkpswd);
            $player_data = pg_fetch_assoc($result_checkpswd);
            $p_password = $player_data["password"];

                if($password == $p_password ){

            echo "You are logged-in as, <b>",$player_name , "</b>";
            $_SESSION["player_name"] = $player_name;
            header("Location: page1.htm");
        }else{
        echo "<script> window.alert('Error! Invalid Username or Password!') </script>";
        }
    }
    }

?>

In my registration form, when the user add accounts, It was saved in the database, but when I'm loggin in, it says the Invalid username, Please help. Thank you very much.

Member Avatar
broj1
Posting Virtuoso
1,578 posts since Jan 2011
Reputation Points: 220 [?]
Q&As Helped to Solve: 219 [?]
Skill Endorsements: 21 [?]
Featured
 
0
 

Insert some debug code say after line 89:

echo "Username query: $query_checkuser<br />";
echo "Password query: $query_checkpswd<br />";
echo "Entered password: $password<br />";
echo "Password in the DB: $p_password<br />";

and check whether queries and values are correct.

Member Avatar
phpology
Newbie Poster
23 posts since Jul 2010
Reputation Points: 8 [?]
Q&As Helped to Solve: 7 [?]
Skill Endorsements: 0 [?]
 
2
 

why dont you try and combine your queries into 1 query i.e.

$query_checkuser = "SELECT * FROM player
                            WHERE 
                            player_name = '".$player_name."' and 
                            password = '".$password."'";
echo $query_checkuser."<Br />"; //ensure that the sql statement is correct.

Then execute query, check if record was found do something, else show error.

Also remember to sanitize your user input as currently you are prone to sql injection - pg_escape_string

Member Avatar
phpology
Newbie Poster
23 posts since Jul 2010
Reputation Points: 8 [?]
Q&As Helped to Solve: 7 [?]
Skill Endorsements: 0 [?]
 
0
 

oh another note, move the PHP code above your html code, you dont want to render the HTML and then process your PHP and also you cant redirect if content is written to the page too. if that makes sense?

Member Avatar
homeboy
Newbie Poster
17 posts since Feb 2013
Reputation Points: 8 [?]
Q&As Helped to Solve: 3 [?]
Skill Endorsements: 0 [?]
 
1
 

Have you encrypted your password in your data base when you save it? If yes, you should dechiper your password before if($password == $p_password ).
Try using echo to show what you got in $p_password, before the condition.

Question Answered as of 1 Year Ago by phpology, homeboy and broj1
You
This question has already been solved: Start a new discussion instead
Post:
Start New Discussion
View similar articles that have also been tagged: