Hello to all,

I am facing an issue with login form.
Everything is correct, but..

<?php
session_start();
include("config.php");

    $username =   $_POST["username"];
    $password =  $_POST["password"];

    $sql = "SELECT * FROM register where E_mail = '$username' and password = '$password'";
    $result = mysqli_query($conn, $sql);

    if ($result) 
    {

        $_SESSION['username'] = $username;
        header("location:index.php");
    }
    else
    {
        echo "Invalid Username and Password.... Pls try again".$conn->error;
    }
?>

I think there is an issue with query because
it checks if the username is available in 'register' table or not..
after that it checks password availability in table.
user can crack the login form by using his password or other one's id.
means, username and password should be exist in the same row
but it is checking the username and password existance in table.
oops, I think you are not getting... but please read this again and try to understand what i want to say

Recommended Answers

All 2 Replies

  1. Password should be crypted!
  2. Use filter_input() function e.g. $username = filter_input(INPUT_POST, "username");
  3. Check if($username !== NULL && $password !== NULL){ ... } before query
  4. Do not put user input parameters directly to SQL query! - Use prepared statement: prepare(), bind_param(), execute()
  5. For precise string comparison use like binary instead of =

you should do all the things @AndrisP has stated and plus the following:

check if connected to the database,
e.g.

if (mysqli_connect_errno())
{
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

after if ($result) you should do:
$rowcount=mysqli_num_rows($result);

then if($rowcount == 1)
then assign the username to session.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.