0

Hello,
I am worcking with a login script, and everytime i am trying to log on, I we get my error messege "inncorect password!"
And everythning is okay!
Can somebody pleas cheack it?

<?php 

include 'connect.php';

$session_username = $_SESSION['username'];

if ($_POST['login'])
{
  // Får dataen fra databasen.
  $username = addslashes(strip_tags($_POST['username']));
  $password = addslashes(strip_tags($_POST['password']));
  
  if(!$username||!$password)
  echo "ecnter a username and a pssword";
  else
  {
  // Her logger brukern seg inn!
  $login = mysql_query("SELECT * FROM users WHERE username='$username'");
  if (mysql_num_rows($login)==0)
  echo "no such user";
  else
  {
	while ($login_row = mysql_fetch_assoc($login))
	{
	
	//Får databsens passord!
	$password_db = $login_row['password'];
	
	//Krypteringen fra passordet!
	$password = md5($password);
	
	//Skjekk passord
	if ($password!=$password_db)
	echo "incorrect password";
	else
	{
	// skjekker om bruker har aktivert kontoen via linken!.
	$active = $login_row['active'];
	$email = $login_row['email'];
	
	if ($active==0)
		echo "You hassen activated your account, pleas cheack your email ($email)";
	else
	{
			$_SESSION['username']=$username; // assign session
			header("Location: index.php"); // refresh
	}
}
  }
}
}
}
?>
<form action='index.php' method='POST'>
Username:<br/>
<input type='text' name='username'><p />
Password:<br />
<input type='password' name='password'><P />
<input type='submit' name='login' value='Log in'>
</form>
4
Contributors
3
Replies
4
Views
6 Years
Discussion Span
Last Post by _coder
0

I would advise wrapping all queries inside the mysql_real_escape_string() function.

It seems as though between PHP and MySql they are not comming up with the same result.

0

Hello

You need spaces to separate the variable from the test:

//Skjekk passord
	if ($password != $password_db)
	echo "incorrect password";
	else

Edited by rch1231: forgot code markers

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.