Hello all,

I'm having a bizarre problem with the most basic of logins. I'm using a function to pass two parameters, just email and password but it just will not work and I can't understand why. I ran the query in the database and it returned a COUNT value of 0, the odd part is that when I remove the password section the COUNT returns 1.

I've double checked the password and it echo's out the same hash as the one stored in the db, but I'm totally confused.

Any help would be much appreciated.

Here is the login form snippet

        <form action="" method="POST">

            <p>
            <input type="email" name="login_email" placeholder="Email address"/>
            </p>

            <p>
            <input type="password" name="login_password" placeholder="Password" />
            </p>

            <p>
            <input class="btn" type="submit" name="login" id="login" value="Login" />
            </p>


        </form>




if (isset($_POST['login'])) 

            {
                $login_email    = $_POST['login_email'];
                $login_password = $_POST['login_password'];

                $login_password = md5($login_password);

                    if (empty($login_email) || empty($login_password)) 

                        {
                            echo "Email and password required.";
                        } 

                    else 

                        {   
                             echo $login = login_check($login_email, $login_password);
                             $_SESSION['user_id'] = $user_id;

                             header('location: index.php');
                             exit();        
                        }


            }





function login_check($login_email, $login_password){

    $login_email = mysql_real_escape_string($login_email);
    $login_query = mysql_query("SELECT COUNT(`user_id`) as `count`, `user_id` FROM `users` WHERE `email`='$login_email' AND `password`='$login_password' ") or die (mysql_error());
    return (mysql_result($login_query, 0) == 1) ? mysql_result($login_query, 0, `user_id`) : false;

I ran the query in the database and it returned a COUNT value of 0, the odd part is that when I remove the password section the COUNT returns 1.

Sounds like you inserted the record with a different password, or a different hash. The code you have looks fine. There must be a discrepancy between the inserting of a user and selecting one (specifically the password).

okey check that new version of the function:

function login_check($login_email, $login_password){
$login_email = mysql_real_escape_string($login_email);
$login_query = mysql_query("SELECT COUNT(`user_id`) as `count`, `user_id` FROM `users` WHERE `email`='$login_email' AND `password`='$login_password' ") or die (mysql_error());
$row=mysql_fetch_array($login_query);//new lines
$cnt=0
$cnt=intval($row["count"]);
> return ($cnt>0) ? $row["user_id"] : false;
}

Hello guys, a few days back I clicked on the up arrow and entered a comment but it doesn't show, so just in case you didn't receieve my message I would like to thank you both for your help, it's all sorted now although I'm still unsure as to why !

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.