0

Hello all,

I'm having a bizarre problem with the most basic of logins. I'm using a function to pass two parameters, just email and password but it just will not work and I can't understand why. I ran the query in the database and it returned a COUNT value of 0, the odd part is that when I remove the password section the COUNT returns 1.

I've double checked the password and it echo's out the same hash as the one stored in the db, but I'm totally confused.

Any help would be much appreciated.

Here is the login form snippet

        <form action="" method="POST">

            <p>
            <input type="email" name="login_email" placeholder="Email address"/>
            </p>

            <p>
            <input type="password" name="login_password" placeholder="Password" />
            </p>

            <p>
            <input class="btn" type="submit" name="login" id="login" value="Login" />
            </p>


        </form>




if (isset($_POST['login'])) 

            {
                $login_email    = $_POST['login_email'];
                $login_password = $_POST['login_password'];

                $login_password = md5($login_password);

                    if (empty($login_email) || empty($login_password)) 

                        {
                            echo "Email and password required.";
                        } 

                    else 

                        {   
                             echo $login = login_check($login_email, $login_password);
                             $_SESSION['user_id'] = $user_id;

                             header('location: index.php');
                             exit();        
                        }


            }





function login_check($login_email, $login_password){

    $login_email = mysql_real_escape_string($login_email);
    $login_query = mysql_query("SELECT COUNT(`user_id`) as `count`, `user_id` FROM `users` WHERE `email`='$login_email' AND `password`='$login_password' ") or die (mysql_error());
    return (mysql_result($login_query, 0) == 1) ? mysql_result($login_query, 0, `user_id`) : false;
3
Contributors
3
Replies
4
Views
5 Years
Discussion Span
Last Post by cubalibras
0

I ran the query in the database and it returned a COUNT value of 0, the odd part is that when I remove the password section the COUNT returns 1.

Sounds like you inserted the record with a different password, or a different hash. The code you have looks fine. There must be a discrepancy between the inserting of a user and selecting one (specifically the password).

0

okey check that new version of the function:

function login_check($login_email, $login_password){
$login_email = mysql_real_escape_string($login_email);
$login_query = mysql_query("SELECT COUNT(`user_id`) as `count`, `user_id` FROM `users` WHERE `email`='$login_email' AND `password`='$login_password' ") or die (mysql_error());
$row=mysql_fetch_array($login_query);//new lines
$cnt=0
$cnt=intval($row["count"]);
> return ($cnt>0) ? $row["user_id"] : false;
}
0

Hello guys, a few days back I clicked on the up arrow and entered a comment but it doesn't show, so just in case you didn't receieve my message I would like to thank you both for your help, it's all sorted now although I'm still unsure as to why !

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.