Member Avatar for mrjoli021

Why doesnt this code work. I keep getting false even when i type in the correct username and password

$user_name = mysql_query("SELECT * FROM users WHERE username =
                                           '".$Entered_UserName ."' 
                                           AND password = '".md5($Entered_PassWord) . "'");

         $user_name_password = mysql_fetch_assoc($user_name);

         if($user_name_password === false)
           {
           	echo 'false';
           }
         else
           echo 'true';
         }
  • 4 Contributors
  • 3 Replies
  • 108 Views
  • 15 Hours Discussion Span
  • Latest Post Latest Post by cwarn23
Member Avatar for Stefano Mtangoo

Why doesnt this code work. I keep getting false even when i type in the correct username and password

Try this (I didn't test it)

$user_name = mysql_query("SELECT * FROM users WHERE username = {'$Entered_UserName'}  AND password =  '{md5($Entered_PassWord)}' ");

         $user_name_password = mysql_fetch_assoc($user_name);

         if($user_name_password)
           {
           	echo True';
           }
         else
           echo 'False';
         }
Member Avatar for network18

Why doesnt this code work. I keep getting false even when i type in the correct username and password

$user_name = mysql_query("SELECT * FROM users WHERE username =
                                           '".$Entered_UserName ."' 
                                           AND password = '".md5($Entered_PassWord) . "'");

         $user_name_password = mysql_fetch_assoc($user_name);

         if($user_name_password === false)
           {
           	echo 'false';
           }
         else
           echo 'true';
         }

are you sure that you are md5 encrypting the password when you are storing it to the database, when the user first time enters it, while registration.

Member Avatar for cwarn23

Try the following:

$user_name = mysql_query('SELECT * FROM users WHERE username ="'.mysql_real_escape_string($Entered_UserName).'" AND password = "'.md5($Entered_PassWord).'"') or die(mysql_error());

         $user_name_password = mysql_fetch_assoc($user_name);

         if($user_name_password === false)
           {
           	echo 'false';
           } else{
           echo 'true';
         }
Edited by cwarn23 because: n/a
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.