We're a community of 1076K IT Pros here for help, advice, solutions, professional growth and fun. Join us!
1,075,707 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Start New Discussion Reply to this Discussion
Ad: Whitewater cloud storage gateways
3 Months Ago
0

php login from can't log in

Hello guys, Please take a look at my code, coz I don't know why I cant login here in my log in form.By the way, my database is working, so the problem is in the code. looking forward for your help guys,

here is my code:

<?php
    session_start();
    include("config.php");
?>  

<html>
<head>

    <title>LOG IN</title>
<style>

body {
            background: url('login.png') no-repeat scroll;
            background-size: 100% 100%;
            min-height: 500px;
        }


div.user{
   position:fixed;
   bottom:135px;
   height:90px;
   left:700px;
}

div.pass{
   position:fixed;
   bottom:20px;
   height:90px;
   left:700px;
}

</style>

</head>
<body autocomplete="off" >

<audio autoplay loop>
      <source src="bgsound.ogg">
      <source src="bgsound.mp3">
  </audio>

  <div class="user">
  <br>
  <br>
  <form method='post' action='login1.php'>
  <input type="text" name="player_name" style="height:30px;"> <br>
  </div>
  <div class="pass">
  <input type="password" name="password" style="height:30px;">
  <br> <br>

 &nbsp;&nbsp; <input type="submit" name="login" value="Login" > &nbsp;&nbsp;
 <a href="reg.php"><input type="button" name="register" value="Sign Up" ></a>

 </div>
  </form>
  </div>


</body>
</html>

<?php
    if(isset($_REQUEST["login"])){
        $player_name = $_REQUEST["player_name"];
        $password = $_REQUEST["password"];

        $query_checkuser = "SELECT player_name FROM player
                            WHERE player_name = '$player_name'";

        $result_checkuser = pq_query($query_checkuser);

            if(pg_num_rows($result_checkuser) >= 1 ){
            $query_checkpswd = "SELECT password FROM player
                          WHERE player_name = '$player_name'";

            $result_checkpswd = pg_query($query_checkpswd);
            $player_data = pg_fetch_assoc($result_checkpswd);
            $p_password = $player_data["password"];

                if($password == $p_password ){

            echo "You are logged-in as, <b>",$player_name , "</b>";
            $_SESSION["player_name"] = $player_name;
            header("Location: page1.htm");
        }else{
        echo "<script> window.alert('Error! Invalid Username or Password!') </script>";
        }
    }
    }

?>

In my registration form, when the user add accounts, It was saved in the database, but when I'm loggin in, it says the Invalid username, Please help. Thank you very much.

4
Contributors
4
Replies
3 Days
Discussion Span
3 Months Ago
Last Updated
30
Views
Question
Answered
ms061210
Light Poster
27 posts since Sep 2012
Reputation Points: 0
Solved Threads: 0
Skill Endorsements: 0
3 Months Ago
0

Insert some debug code say after line 89:

echo "Username query: $query_checkuser<br />";
echo "Password query: $query_checkpswd<br />";
echo "Entered password: $password<br />";
echo "Password in the DB: $p_password<br />";

and check whether queries and values are correct.

broj1
Nearly a Posting Virtuoso
1,211 posts since Jan 2011
Reputation Points: 167
Solved Threads: 164
Skill Endorsements: 13
3 Months Ago
Show Comments
2

why dont you try and combine your queries into 1 query i.e.

$query_checkuser = "SELECT * FROM player
                            WHERE 
                            player_name = '".$player_name."' and 
                            password = '".$password."'";
echo $query_checkuser."<Br />"; //ensure that the sql statement is correct.

Then execute query, check if record was found do something, else show error.

Also remember to sanitize your user input as currently you are prone to sql injection - pg_escape_string

phpology
Newbie Poster
22 posts since Jul 2010
Reputation Points: 18
Solved Threads: 7
Skill Endorsements: 0
3 Months Ago
0

oh another note, move the PHP code above your html code, you dont want to render the HTML and then process your PHP and also you cant redirect if content is written to the page too. if that makes sense?

phpology
Newbie Poster
22 posts since Jul 2010
Reputation Points: 18
Solved Threads: 7
Skill Endorsements: 0
3 Months Ago
Show Comments
1

Have you encrypted your password in your data base when you save it? If yes, you should dechiper your password before if($password == $p_password ).
Try using echo to show what you got in $p_password, before the condition.

homeboy
Newbie Poster
17 posts since Feb 2013
Reputation Points: 8
Solved Threads: 3
Skill Endorsements: 0
Question Answered as of 2 Months Ago by phpology, broj1 and homeboy

This question has already been solved: Start a new discussion instead

Post: Markdown Syntax: Formatting Help
 
You
Web Development > PHP
View similar articles that have also been tagged:
 
© 2013 DaniWeb® LLC
Page rendered in 0.0774 seconds using 2.77MB