0

After successfully creating a registering system I can't use the login system I've created, it always gives the error message I've set "Wrong Email or Password" although the values are right!

The code for validating the login process:

<?php

$con = mysql_connect("***","*****","****");

mysql_select_db("*****", $con);

$emailin=$_POST['emailin'];
$passwordin=$_POST['password']; 

$emailin = stripslashes($emailin);
$passwordin = stripslashes($passwordin);
$emailin = mysql_real_escape_string($emailin);
$passwordin = mysql_real_escape_string($passwordin);

$sql="SELECT * FROM users WHERE email='$emailin' and password='$passwordin'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){
session_register("emailin");
session_register("passwordin");
header("location:profile.php");
}
else {
echo "Wrong Email or Password";
}

?>

Thanks

3
Contributors
3
Replies
4
Views
5 Years
Discussion Span
Last Post by Aser Gado
0

you forget session_start()

if($count==1){
    //session_start — Initialize session data
    session_start();

    $_SESSION['login_email'] = $emailin;
    $_SESSION['login_password'] = $passwordin;

    session_register("emailin");
    session_register("passwordin");

    //Add additional member to cookie array as per requirement
    setcookie("email", $_SESSION['login_email'], time()+60*60*24*100, "/");

    header("location:profile.php");
}
else {
    echo "Wrong Email or Password";
}
0

Try this, and show us the output:

$sql = "SELECT * FROM users WHERE email='$emailin' and password='$passwordin'";
echo $sql;
$result = mysql_query($sql) or die(mysql_error());
$count = mysql_num_rows($result);
echo $count;

Edited by pritaeas: n/a

0

@dean, it didnt fix the problem.

@pritaes, it gave me this:

SELECT * FROM users WHERE email='Aser.Gado@gmail.com' and password=''0Wrong Email or Password

EDIT: i Fixed it, here is the code i used:

// username and password sent from form 
$emailin=$_POST['emailin']; 
$passwordin=$_POST['passwordin'];

// To protect MySQL injection 
$emailin = stripslashes($emailin);
$passwordin = stripslashes($passwordin);
$emailin = mysql_real_escape_string($emailin);
$passwordin = mysql_real_escape_string($passwordin);

$sql="SELECT * FROM users WHERE email='$emailin' and password='$passwordin'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
if(mysql_num_rows($result) > 0){
  $data = mysql_fetch_array($result);
  $_SESSION['id'] = $data['id'];
  $_SESSION['username'] = $data['username'];
  header("location:login_success.php");
} else {
  echo "Wrong Username or Password";
}

Edited by Aser Gado: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.