SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Enthusiast
    Join Date
    Jun 2001
    Location
    Luton, UK
    Posts
    57
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    user/password check help!!!

    Hi All
    At the moment I am learning PHP and I am going through a tute in a book - unfortunately like most books nothing ever seems to work properly. I'm trying to work on username and password verification but for some reason it never recognises my password.
    The MySQL code I am using is:----
    create database auth;
    use auth;
    create table auth (
    name varchar(10) not null,
    pass varchar(30) not null,
    primary key (name));

    insert into auth values
    ('user', 'pass');
    insert into auth values
    ( 'testuser', password('test123') );

    grant select, insert, update, delete
    on auth.*
    to webauth@localhost
    identified by 'webauth';
    --------
    and on the PHP side I am using this code:-------
    <?
    if(!isset($name)&&!isset($password))
    {
    //Visitor needs to enter a name and password
    ?>
    <h1>Please Log In</h1>
    This page is secret.
    <form action="secret.php" method="post">
    <table border = 1>
    <tr>
    <th> Username </th>
    <td> <input type = text name = name> </td>
    </tr>
    <tr>
    <th> Password </th>
    <td> <input type = password name = password> </td>
    </tr>
    <tr>
    <td colspan =2 align = center>
    <input type = submit value = "Log In">
    </td>
    </tr>
    </table>
    </form>
    <?
    }
    else
    {
    // connect to mysql
    $mysql = mysql_connect( 'localhost', 'webauth', 'webauth' );
    if(!$mysql)
    {
    echo 'Cannot connect to database.';
    exit;
    }
    // select the appropriate database
    $mysql = mysql_select_db( 'auth' );
    if(!$mysql)
    {
    echo 'Cannot select database.';
    exit;
    }
    // query the database to see if there is a record which matches
    $query = "select count(*) from auth where
    name = '$name' and
    pass = '$password'";

    $result = mysql_query( $query );
    if(!$result)
    {
    echo 'Cannot run query.';
    exit;
    }
    $count = mysql_result( $result, 0, 0 );
    if ( $count > 0 )
    {
    // visitor's name and password combination are correct
    echo "<h1>Here There!</h1>";
    echo "Welcome to this page.";
    }
    else
    {
    // visitor's name and password combination are not correct
    echo "<h1>Denied!</h1>";
    echo "You are not authorized to view this resource.";
    }
    }
    ?>
    ---------
    I just wondered if any of you could see a reason why I keep getting the denied header when I only have the 1 password in MySQL. I know MySQL is working okay as I have tried other scripts on it....

    Thanks you for any help
    Drew
    'As a computer, I find your faith in technology amusing'

  2. #2
    SitePoint Wizard
    Join Date
    Mar 2001
    Posts
    3,537
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    One password in the table? You have two insert statements, so you have two passwords. Also, no one is going to be able to tell what's wrong because you have a password() function that does who knows what to the password entered by the user. I would say you are not entering the same password that is stored in your mysql table, so why don't you copy and paste what is in your mysql table and use that for the password and see if that works.

  3. #3
    What's HTML?
    Join Date
    May 2001
    Location
    San Diego, CA
    Posts
    1,701
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Otherwise just login through telnet or SSH and reset your password. I had this problem once also...and sure enough, I was entering the password wrong.
    Ryan Kuhle - A Proud Advisor - Got Questions? Just Ask!
    Get your website started for less than $20! Click Here

  4. #4
    SitePoint Enthusiast
    Join Date
    Jun 2001
    Location
    Luton, UK
    Posts
    57
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi Guys - Thanks for the input. I finally got the thing to work after I took out the word password and the second set of parentheses and it worked fine since then.

    'insert into auth values ('user', 'pass'); insert into auth values
    ( 'testuser', password('test123') );

    Cheers

    Drew
    'As a computer, I find your faith in technology amusing'


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •