User login always throws: Incorrect username and password

Question

Jake.20 0 Junior Poster in Training

9 Years Ago

<?php     //start php tag
//include connect.php page for database connection
Include('dbConnection.php');
//if submit is not blanked i.e. it is clicked.
// var_dump($_REQUEST);
session_start();

$errCount = 0;
$user = $_POST['usernameTbx'];
$pass = $_POST['passwordTbx'];
if(isset($_REQUEST['submit'])!='')
{
    //VALIDATE USERNAME TEXTBOX
    if($_REQUEST['usernameTbx']=='') {
        $errCount += 1;
        $_SESSION['error'] += array('usernameTbx' => "Username cannot be empty");

    }
    //VALIDATE PASSWORD TEXTBOX
    if($_REQUEST['passwordTbx']=='') {
        $errCount += 1;
        $_SESSION['error'] += array('passwordTbx' => "Password cannot be empty");
    } 

    if($errCount == 0) {
        $sql=mysql_query("Select username, password FROM user_tbl WHERE username = $user AND password = $pass");

        $row = mysql_fetch_array($sql);
        if($row["username"]==$user && $row["password"]==$pass)
        {
            $_SESSION['sysMsg'] = array('$strSuccess' => "You have successfully logged in!" );

        }
        else
        {
            $_SESSION['sysMsg'] = array('$strFail' => "Incorrect Username or Password" );
        }
    }
    header('Location: loginPage.php');
}

?>

This code always throws $strFail @_@. Can somebody tell me why? Thank you in advance.

php

3 Contributors
4 Replies
356 Views
1 Hour Discussion Span
Latest Post 9 Years Ago Latest Post by Ketul_1

All 4 Replies

pritaeas 2,194 ¯\_(ツ)_/¯

9 Years Ago

Try this, if there's an error, paste it here.

$sql = mysql_query("Select username, password FROM user_tbl WHERE username = '$user' AND password = '$pass'") or die(mysql_error());

Jake.20 commented: die(mysql_error()) helped me +2

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Jake.20 0 Junior Poster in Training · Answer 1 · 2014-08-01T12:53:22+00:00

it says there was a problem on where clause so i change my sql code to this:

$sql=mysql_query("Select username, password FROM user_tbl WHERE username = '".$_REQUEST['usernameTbx']."' AND password = '".$_REQUEST['passwordTbx']."'") or die(mysql_error());

Jake.20 0 Junior Poster in Training · Answer 2 · 2014-08-01T13:00:15+00:00

I don't know what happen but it's already working. Thanks a lot!

<?php     //start php tag
//include connect.php page for database connection
Include('dbConnection.php');
//if submit is not blanked i.e. it is clicked.
// var_dump($_REQUEST);
session_start();
$user = $_POST['usernameTbx'];
$pass = $_POST['passwordTbx'];
$errCount = 0;

if(isset($_REQUEST['submit'])!='')
{
    //VALIDATE USERNAME TEXTBOX
    if($_REQUEST['usernameTbx']=='') {
        $errCount += 1;
        $_SESSION['error'] += array('usernameTbx' => "Username cannot be empty");

    }
    //VALIDATE PASSWORD TEXTBOX
    if($_REQUEST['passwordTbx']=='') {
        $errCount += 1;
        $_SESSION['error'] += array('passwordTbx' => "Password cannot be empty");
    } 

    if($errCount == 0) {
        // $sql=mysql_query("Select username, password FROM user_tbl WHERE username = '".$_REQUEST['usernameTbx']."' AND password = '".$_REQUEST['passwordTbx']."'") or die(mysql_error());
        $sql = mysql_query("Select username, password FROM user_tbl WHERE username = '$user' AND password = '$pass'") or die(mysql_error());

        $row = mysql_fetch_array($sql);
        if($row["username"]==$user && $row["password"]==$pass)
        {
            $_SESSION['sysMsg'] = array('$strSuccess' => "You have successfully logged in!" );

        }
        elseif($row["username"]!=$user && $row["password"]!=$pass)
        {
            $_SESSION['sysMsg'] = array('$strFail' => "Incorrect Username or Password" );
        }
    }
    header('Location: loginPage.php');
}

?>

Ketul_1 -6 Junior Poster · Answer 3 · 2014-08-01T13:31:16+00:00

Try This

<?php     //start php tag
//include connect.php page for database connection
Include('dbConnection.php');
//if submit is not blanked i.e. it is clicked.
// var_dump($_REQUEST);
session_start();
$errCount = 0;
$user = $_POST['usernameTbx'];
$pass = $_POST['passwordTbx'];
if(isset($_REQUEST['submit'])!='')
{
    //VALIDATE USERNAME TEXTBOX
    if($_REQUEST['usernameTbx']=='') {
        $errCount += 1;
        $_SESSION['error'] += array('usernameTbx' => "Username cannot be empty");
    }
    //VALIDATE PASSWORD TEXTBOX
    if($_REQUEST['passwordTbx']=='') {
        $errCount += 1;
        $_SESSION['error'] += array('passwordTbx' => "Password cannot be empty");
    } 

        $sql=mysql_query("Select username , password FROM user_tbl WHERE username ='".$user."' AND password = '".$pass."'");
        $row = mysql_fetch_array($sql); 
        if($row["username"]==$user && $row["password"]==$pass)
        {
            $_SESSION['sysMsg'] = array('$strSuccess' => "You have successfully logged in!" );
        }
        else
        {
            $_SESSION['sysMsg'] = array('$strFail' => "Incorrect Username or Password" );
        }

    header('Location: loginPage.php');
}
?>

User login always throws: Incorrect username and password

Recommended Answers Collapse Answers

All 4 Replies

Recommended Answers