SitePoint Sponsor

User Tag List

Results 1 to 5 of 5

Hybrid View

  1. #1
    SitePoint Addict
    Join Date
    Jul 2011
    Location
    Hyderabad,India.
    Posts
    327
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    username and password verification

    hi all,
    my database name is "test".in the "test" database
    i have created a table name called "log" which has two fields
    namely username and password.
    i have given username as "admin" and password as "admin123".
    now i have written one code using php so that when i click the submit button both the username as "admin" and password as "admin123" gets matched then it should direct to the next page...
    tell me how to check whether username and passwords are matching and if it matches it must point to the action part what we give in <form method="POST" action="www.php">
    kindly tell me what i must add to the below program.....
    below is the code in php......
    Code:
    <?php
    $host="localhost";  
    $username="root";  
    $password="";  
    $db_name="test"; 
    $tbl_name="log"; 
    
    mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");
     
    $myusername=$_POST['myusername']; 
    $mypassword=$_POST['mypassword'];
    
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);
    
    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
    $result=mysql_query($sql);
    
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count==1)
    {
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("myusername");
    session_register("mypassword"); 
    header("location:login_success.php");
    }
    else 
    {
    echo "Wrong Username or Password";
    }
    ?>

  2. #2
    SitePoint Enthusiast
    Join Date
    May 2010
    Location
    Netherlands
    Posts
    31
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    With the current code, it should work if your field names are "myusername" and "mypassword" and the content entered matches that in the database.
    You might also want to read this to get familiar with the way PHP handles forms.

    Additionally, for security reasons it's better to save your passwords using a one-way encryption mechanism like md5 or sha1, so your passwords are not stored in plain text in your database.

  3. #3
    SitePoint Addict
    Join Date
    Jul 2011
    Location
    Hyderabad,India.
    Posts
    327
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by dsmIT View Post
    With the current code, it should work if your field names are "myusername" and "mypassword" and the content entered matches that in the database.
    You might also want to read this to get familiar with the way PHP handles forms.

    Additionally, for security reasons it's better to save your passwords using a one-way encryption mechanism like md5 or sha1, so your passwords are not stored in plain text in your database.
    in database my field names are username and password....
    by adding the extra thing below is it correct.....
    for me it is displaying the message "wrong username or password".
    tell me how to do...
    it is not for security reasons.just a simple one......
    Code:
    <?php
    $host="localhost";  
    $username="root";  
    $password="";  
    $db_name="test"; 
    $tbl_name="log"; 
    
    mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");
     
    $myusername=$_POST['myusername']; 
    $mypassword=$_POST['mypassword'];
    
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);
    
    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
    $result=mysql_query($sql);
    
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count==1)
    {
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("myusername");
    session_register("mypassword"); 
    header("location:login_success.php");
    }
    else 
    {
    echo "Wrong Username or Password";
    }
    ?>
    <form action="foo.php" method="post">
        UserName:  <input type="text" name="username" /><br />
        Password:  <input type="password" name="password" /><br />
        <input type="submit" name="submit" value="Submit" />
    </form>

  4. #4
    SitePoint Enthusiast LSC-Rob's Avatar
    Join Date
    Jul 2005
    Location
    Sydney, NSW Australia
    Posts
    91
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by dsmIT View Post
    With the current code, it should work if your field names are "myusername" and "mypassword" and the content entered matches that in the database.
    (Emphasis is mine)

    Your php is referencing:
    Code PHP:
    $_POST['myusername'];
    but your form is
    Code HTML4Strict:
    <input type="text" name="username" />
    Rob G.
    ShopManager - Sales & Repair Business Management Software

  5. #5
    SitePoint Addict
    Join Date
    Jul 2011
    Location
    Hyderabad,India.
    Posts
    327
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    k instead of myusername if i replace with username then will it solve the problem...
    Code:
    <?php
    $host="localhost";  
    $username="root";  
    $password="";  
    $db_name="test"; 
    $tbl_name="log"; 
    
    mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");
     
    $username=$_POST['username']; 
    $password=$_POST['password'];
    
    $username = stripslashes($username);
    $password = stripslashes($password);
    $username = mysql_real_escape_string($username);
    $password = mysql_real_escape_string($password);
    
    $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
    $result=mysql_query($sql);
    
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $username and $password, table row must be 1 row
    if($count==1)
    {
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("username");
    session_register("password"); 
    header("location:login_success.php");
    }
    else 
    {
    echo "Wrong Username or Password";
    }
    ?>
    <form action="foo.php" method="post">
        UserName:  <input type="text" name="username" /><br />
        Password:  <input type="password" name="password" /><br />
        <input type="submit" name="submit" value="Submit" />
    </form>
    if i give correct username and password where it will takes to me.....
    when will "login_success.php" and "foo.php" will be executed....
    kindly tell me


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •