login script is not working

Question

servis 0 Junior Poster in Training

15 Years Ago

The following login script is not working, i am unable to trace the problem, please anybody help me...

<?php 

include ("template/login.tpl.htm");

session_start();
if (isset($_POST['userid']) && isset($_POST['userpassword'])) {
	include 'library/config.php';
	include 'library/opendb.php';
	
	$userId   = $_POST['userid'];
	$password = $_POST['userpassword'];
	
	// check if the user id and password combination exist in database

	$sql = "SELECT user_id,user_password 
	        FROM tbl_auth_user
	WHERE user_id = '$userId' AND user_password = PASSWORD('$password')";
	
	$result = mysql_query($sql) or die('Query failed. ' . mysql_error()); 
	if (mysql_num_rows($result)==1) {
		// the user id and password match, 
		// set the session
		$_SESSION['db_is_logged_in'] = true;
		$_SESSION['userid']= $userId;

		// after login we move to the main page
		header('Location: index.php');
		exit;
	} else {
	echo "Sorry, wrong user id / password";
	echo "$sql";
	}
	
	include 'library/closedb.php';
}else {
echo "please supply your id and password";
}
?>

thanks in advance..

php

5 Contributors
10 Replies
131 Views
9 Hours Discussion Span
Latest Post 15 Years Ago Latest Post by nav33n

All 10 Replies

hivenk 0 Newbie Poster

15 Years Ago

write the query like this

$sql = "SELECT user_id,user_password 
	        FROM tbl_auth_user
	WHERE user_id = '".$userId."' AND user_password = PASSWORD('".$password."')";

Ole Raptor 19 Posting Whiz in Training

15 Years Ago

Suhacini's code looks good but a small typo i think

$res=mysql_query($str);

change to:

$res=mysql_query($sql);

nav33n 472 Purple hazed!

15 Years Ago

Your script looks good. But are you sure you have a varchar field in the table called user_password with length greater than 16 characters ? Thats the only thing that I can think of. http://dev.mysql.com/doc/refman/5.0/en/password-hashing.html

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Suhacini 0 Junior Poster in Training · Answer 1 · 2008-06-02T15:30:32+00:00

Suhacini 0 Junior Poster in Training

15 Years Ago

What is the error you are getting?

servis 0 Junior Poster in Training · Answer 2 · 2008-06-02T15:48:58+00:00

servis 0 Junior Poster in Training

15 Years Ago

the error is "Sorry, wrong user id / password".

Suhacini 0 Junior Poster in Training · Answer 3 · 2008-06-02T16:05:14+00:00

Try this:

include("session.php");

$userId   = $_POST['userid'];
$password = $_POST['userpassword'];


$sql = "SELECT user_id,user_password 
FROM tbl_auth_user WHERE user_id = '$userId' AND user_password = '$password'";


$res=mysql_query($str);

if(mysql_num_rows($res)!=0)
{
  $_SESSION['userId']=$userId;
  header("location:nextpage.php");
}

else
 header("location:login.php");
?>

and session.php is

<?php

session_start();

if($_SESSION['userId']=='')
  header("Location:login.php");
?>

servis 0 Junior Poster in Training · Answer 4 · 2008-06-02T16:33:27+00:00

thanks Suhacini for your valueable help, but the script provided by you is not working, i tried in every aspect.

Suhacini 0 Junior Poster in Training · Answer 5 · 2008-06-02T16:39:10+00:00

Is it so..But it is working for me.what is the error message your getting?

servis 0 Junior Poster in Training · Answer 6 · 2008-06-02T16:58:54+00:00

servis 0 Junior Poster in Training

15 Years Ago

the browser is not opening it....

Suhacini 0 Junior Poster in Training · Answer 7 · 2008-06-02T17:15:08+00:00

Hey its working I have checked it once again.check these once $_POST the userid here must be the textbox name, and user_id must be same as the field name in your table.

login script is not working

Recommended Answers Collapse Answers

All 10 Replies

Recommended Answers