SitePoint Sponsor

User Tag List

Results 1 to 8 of 8
  1. #1
    SitePoint Evangelist cturner01's Avatar
    Join Date
    Jun 2006
    Location
    My computer
    Posts
    408
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Username and password is correct???

    Can someone please tell me why the following code keeps on saying that the username and password is incorrect when they are correct? Thanks in advance.
    PHP Code:
    require "config.php";

    // Create an empty array to hold the error messages.
    $arrErrors = array();
    //Only validate if the Submit button was clicked.
    if (!empty($_POST['Submit'])) {

    $username_check "SELECT admin_username FROM diary_admin";
    $username_result mysql_query ($username_check) or die('Query failed. ' mysql_error());
                    
    $password_check "SELECT admin_password FROM diary_admin";
    $password_result mysql_query ($password_check) or die('Query failed. ' mysql_error());

        
    // Each time there's an error, add an error message to the error array
        // using the field name as the key.
        
    if ($_POST['admin_username']=='')
            
    $arrErrors['admin_username'] = 'Please enter your username.';
        if (
    $_POST['admin_password']=='')
            
    $arrErrors['admin_password'] = 'Please enter your password.';
        if (
    $_POST['admin_password'] != $username_result)
            
    $arrErrors['admin_username'] = 'That username was incorrect.';
        if (
    $_POST['admin_password'] != $password_result)
            
    $arrErrors['admin_password'] = 'That password was incorrect.';

        if (
    count($arrErrors) == 0) {
            
            
    // If the error array is empty, there were no errors.
            // Insert form processing here.
            
    print "Login successful";
        } else {
            
    // The error array had something in it. There was an error.
            // Start adding error text to an error string.
            
    $strError '<div class="formerror"><p>Please check the following and try again:</p><ul>';
            
    // Get each error and add it to the error string
            // as a list item.
            
    foreach ($arrErrors as $error) {
                
    $strError .= "<li>$error</li>";
            }
            
    $strError .= '</ul></div><p>';
        }


  2. #2
    play of mind Ernie1's Avatar
    Join Date
    Sep 2005
    Posts
    1,252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    you have to use WHERE clause when selecting fields
    PHP Code:
    require "config.php"

    // Create an empty array to hold the error messages. 
    $arrErrors = array(); 
    //Only validate if the Submit button was clicked. 
    if (!empty($_POST['Submit'])) { 

    $username_check "SELECT admin_username FROM diary_admin WHERE admin_username='"mysql_real_escape_string($_POST['admin_username']) . "'"
    $username_result mysql_query ($username_check) or die('Query failed. ' mysql_error()); 
                     
    $password_check "SELECT admin_password FROM diary_admin WHERE admin_password ='"mysql_real_escape_string($_POST['admin_password']) . "'"
    $password_result mysql_query ($password_check) or die('Query failed. ' mysql_error()); 

        
    // Each time there's an error, add an error message to the error array 
        // using the field name as the key. 
        
    if ($_POST['admin_username']==''
            
    $arrErrors['admin_username'] = 'Please enter your username.'
        if (
    $_POST['admin_password']==''
            
    $arrErrors['admin_password'] = 'Please enter your password.'
        if (
    $_POST['admin_password'] != $username_result
            
    $arrErrors['admin_username'] = 'That username was incorrect.'
        if (
    $_POST['admin_password'] != $password_result
            
    $arrErrors['admin_password'] = 'That password was incorrect.'

        if (
    count($arrErrors) == 0) { 
             
            
    // If the error array is empty, there were no errors. 
            // Insert form processing here. 
            
    print "Login successful"
        } else { 
            
    // The error array had something in it. There was an error. 
            // Start adding error text to an error string. 
            
    $strError '<div class="formerror"><p>Please check the following and try again:</p><ul>'
            
    // Get each error and add it to the error string 
            // as a list item. 
            
    foreach ($arrErrors as $error) { 
                
    $strError .= "<li>$error</li>"
            } 
            
    $strError .= '</ul></div><p>'
        } 

    my mobile portal
    ghiris.ro

  3. #3
    SitePoint Guru glenngould's Avatar
    Join Date
    Nov 2005
    Posts
    661
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Correct this:

    if ($_POST['admin_password'] != $username_result)

    to:


    if ($_POST['admin_username'] != $username_result)
    Tweep List adds an avatar menu to Twitter (open source)
    Word Stats shows your most used words on Twitter

  4. #4
    SitePoint Evangelist cturner01's Avatar
    Join Date
    Jun 2006
    Location
    My computer
    Posts
    408
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    On line 18 of Ernie1's code there is the following error:
    Parse error: parse error, unexpected ';' in /home/blu6592/public_html/login.php on line 18. I can't seem to work the error out.

    Line 18 is here: $password_check = "SELECT admin_password FROM diary_admin WHERE admin_password ='". mysql_real_escape_string($_POST['admin_password'] . "'";.

  5. #5
    play of mind Ernie1's Avatar
    Join Date
    Sep 2005
    Posts
    1,252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    sorry, my bad, I have changed my last post, please try again

    it should read:
    PHP Code:
    $password_check "SELECT admin_password FROM diary_admin WHERE admin_password ='"mysql_real_escape_string($_POST['admin_password']) . "'"
    my mobile portal
    ghiris.ro

  6. #6
    SitePoint Evangelist cturner01's Avatar
    Join Date
    Jun 2006
    Location
    My computer
    Posts
    408
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It is still telling me that the username and password is incorrect when it is correct.

  7. #7
    SitePoint Guru glenngould's Avatar
    Join Date
    Nov 2005
    Posts
    661
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Have you corrected the line I mentioned above, or am I wrong?

    I replaced the SQL connection with php variables and tried your code, works ok. I'm new on SQL as well, but selecting from a database table is fairly easy:
    http://www.w3schools.com/sql/sql_where.asp
    Tweep List adds an avatar menu to Twitter (open source)
    Word Stats shows your most used words on Twitter

  8. #8
    play of mind Ernie1's Avatar
    Join Date
    Sep 2005
    Posts
    1,252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Here it is, i finally did it, hope it works for you too:
    PHP Code:
    <?php
    require "config.php"
    $self $_SERVER['PHP_SELF'];
    // Create an empty array to hold the error messages. 
    $arrErrors = array(); 
    //Only validate if the Submit button was clicked. 

    if(isset($_POST['submit'])){

    $admin_username_check mysql_query("SELECT admin_username FROM diary_admin WHERE admin_username = '"mysql_real_escape_string($_POST['admin_username']) . "'") or die(mysql_error()); 
    $admin_username_result mysql_num_rows($admin_username_check); 
                  
    $admin_password_check mysql_query("SELECT admin_password FROM diary_admin WHERE  admin_password = '"mysql_real_escape_string($_POST['admin_password']) . "'") or die('Query failed. ' mysql_error()); 
    $admin_password_result mysql_num_rows($admin_password_check);

        
    // Each time there's an error, add an error message to the error array 
        // using the field name as the key. 
        
    if(empty($_POST['admin_username'])) $arrErrors['admin_username'] = 'Please enter your admin_username.'
        if(empty(
    $_POST['admin_password'])) $arrErrors['admin_password'] = 'Please enter your admin_password.'
        if(!empty(
    $_POST['admin_username']) && $admin_username_result == 0$arrErrors['admin_username'] = 'That admin_username was incorrect.';
        if(!empty(
    $_POST['admin_password']) && $admin_password_result == 0$arrErrors['admin_password'] = 'That admin_password was incorrect.'

        if (
    count($arrErrors) == 0) { 
              
            
    // If the error array is empty, there were no errors. 
            // Insert form processing here. 
            
    print "Login successful"
        } else { 
            
    // The error array had something in it. There was an error. 
            // Start adding error text to an error string. 
            
    $strError '<div class="formerror"><p>Please check the following and try again:</p><ul>'
            
    // Get each error and add it to the error string 
            // as a list item. 
            
    foreach ($arrErrors as $error) { 
                
    $strError .= "<li>$error</li>"
            } 
            
    $strError .= '</ul></div><p>'

        echo 
    $strError;
        } 
    }

    ?>

    and the form example, you can use this for testing.

    <form method="post" action="<?php echo $self ?>">
    admin_username: <input name="admin_username" value=""/><br />
    admin_password: <input name="admin_password" maxlength="12" value=""/><br />
    <input type="submit" name="submit" value="Submit" />
    </form>
    my mobile portal
    ghiris.ro


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •