Results 1 to 3 of 3
  1. #1
    Join Date
    Sep 2004
    Posts
    1

    Unanswered: Why won't this script work?

    It's for a simple register/login script I'm working on. All the information (username, email, and password) is going into the database fine. The password is going in md5($_POST['userpass']); so it's encrypted. Here's the problem I have:


    login.html:
    ********
    <form action="login.php" method="post">
    Username: <input type="text" name="username" size="10">
    Password: <input type="password" name="userpass" size="10">
    <input type="submit" value="submit" name="submit">
    </form>
    ********

    login.php:
    ********
    <?
    //replace username and password with your mysql name and password
    $conn = mysql_connect("localhost","***","***");

    //select the database
    $db = mysql_select_db("***");

    $username = $_POST['username'];

    $email = $_POST['email'];

    $userpass = md5($_POST['userpass']);

    $sql = "select * from users where username='$username' and password='$userpass'";

    $result = mysql_query($sql);

    if (mysql_num_rows($result)!= 1) {

    $error = "Login failed";

    echo "Login failed";

    } else {

    $_SESSION['username'] = "$username";

    $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];

    // any other data needed to navigate the site or

    // to authenticate the user can be added here

    echo "Welcome";

    }?>
    ********

    When I run the script (yes the information is in the database), it says Login failed, which means mysql_num_rows($result)!= 1), however...it does. I've taken out the password part in the $sql line and it seems to work fine, so something with the md5 encryption isn't working. Is there a better/another way to do this, or is there something really wrong here?

    Thanks!

  2. #2
    Join Date
    Oct 2003
    Posts
    706
    Print things. Print the actual query string and the actual num-rows value returned. Run the query separately to be sure that the result is exactly as you expect. Never Assume.
    ChimneySweep(R): fast, automatic
    table repair at a click of the
    mouse! http://www.sundialservices.com

  3. #3
    Join Date
    Mar 2004
    Posts
    480
    What version of MySQL are you using? Check the manual about long passwords. I seem to remember that there is a problem with a particular version may be 4.x may be 5.x that you need to use OLD PASSWORD when creating a password or your script in PHP can't recognize the password. This is because of some encryption of the password in MySQL.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •