Member Avatar for ostrados

Hi all,

hey guys could you please help me in this issue: i get warning message whenever i try to run my login form

Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'root'@'localhost' (using password: YES) in C:\xampp\htdocs\db.php on line 10
unable to connect to the database

i am using xampp, and using default settings; user: root, password: ' ' , server: localhost.
my code logic is: users open index.php where they can signup and login -> when login form submitted it goes to login_check.php -> if login successful -> open user.php

my database connection code is:

Code blocks are created by indenting at least 4 spaces
... and can span multiple lines
<?php // THIS IS MY DB.PHP TO CONNECT TO DATABASE

$user='root';
$pword="";
$server='localhost';
$db='football';


$conn = mysql_connect($server,$user,$pass) or die("unable to connect to the database");
$mysql= mysql_select_db($db,$conn);

?>



//THIS CODE IS THE LOGIN_CHECK.PHP, WHERE IT CHECKS THE USER INFORMATION AND PROCESS THE LOGIN

    <?php
session_start();    
include ('db.php');

// form defaults
$error['alert'] = '';
$error['email'] = '';
$error['pass'] = '';
$input['email'] = '';
$input['pass'] = '';

if(isset($_POST['submit']))
{
        // if form has been submitted, process form
    if ($_POST['email'] == '' || $_POST['password'] == '')
    {
        // both fields need to be filled in
        if ($_POST['email'] == '') { $error['email'] = 'required!'; }
        if ($_POST['password'] == '') { $error['pass'] = 'required!'; }
        $error['alert'] = 'Please fill in required fields!';

        // get data from form
        $email = mysql_real_escape_string($_POST['email']);
        $pass = mysql_real_escape_string($_POST['password']);

        // show form
        include('index.php');
    }

    else
    {
        // get and clean data from form
        $email = mysql_real_escape_string($_POST['email']);
        $pass = md5(mysql_real_escape_string($_POST['password']));

        // create query
        $query = mysql_query("SELECT * FROM users WHERE email='".$email."' AND password ='".$pass."' ");

            if($query)
            {
                // check if there is a match in the database for the user/password combination
                if (mysql_num_rows($query) == 1)
                {

                // set session variable
                $_session['email'] = $email;
                $_session['time'] = time();

                // redirect to user's page
                header("Location: user.php");
                }
                else
                {
                // username/password incorrect
                $error['alert'] = "email or password incorrect!";

                // show form
                include('index.php');
                }

            }
            else
            {
                echo "errort: query failed";
            }
    }

}
else
{
    // check for any variables within the URL
    if (isset($_GET['unauthorized']))
    {
        $error['alert'] = 'Please login to view that page!';
    }
    if (isset($_GET['timeout']))
    {
        $error['alert'] = 'Your session has expired. Please log in again.';
    }

    // if the form hasn't been submitted, show form
    include('index.php');
}

// close db connection
mysql_close();



?>

the strange thing the signup form works fine, but the login just wont work!!
i checked every line in my code and its driving me crazy :S

in my db.php code i added an if statement to check if it connects to database:

if($conn)
echo "success";
else 
echo "fail";

the output was succes, wich means it does connect to database, i also did the same for $mysql and it was successt too!!

so my code does connect and select database but why it fails to login?!

please guys could you help me in this?

  • 3 Contributors
  • 5 Replies
  • 989 Views
  • 1 Hour Discussion Span
  • Latest Post Latest Post by ostrados

Recommended Answers

All 5 Replies

Member Avatar for dany12

Ok first of all I recodmend to use a jquery to check the form if it has data then in your php serialise strig tags of your info md5 your passwords and salt themafter that compare you data with the database data that you all ready have.
This is easy way to get no errors an a best pratice keep it simple .
That is all I can say.
Hope this helps.

Member Avatar for ostrados

hahahaha ok guys i found my mistake.. $conn = mysql_connect($server,$user,$pass) or die("unable to connect to the database"); it should be $pword XD i think looking at my code from another perspective did help

Member Avatar for ostrados

ok, since am allready here, i could use your valuable opinions abiut the code structure? thanks :)

Member Avatar for JacobRobinson

According to me you can check your coding again if your connect coding is not open then noone can help you.

Edited by peter_budo because: Removing spam links
Member Avatar for ostrados

@jacobrobinson, i found my mistake buddy.. it is in my db connection, mistakenly i used $pass in the mysql_connect argument instead of using $pword, as it was defined in the top. thanks buddy!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.