Member Avatar for Puster

Hello,
I am worcking with a login script, and everytime i am trying to log on, I we get my error messege "inncorect password!"
And everythning is okay!
Can somebody pleas cheack it?

<?php 

include 'connect.php';

$session_username = $_SESSION['username'];

if ($_POST['login'])
{
  // Får dataen fra databasen.
  $username = addslashes(strip_tags($_POST['username']));
  $password = addslashes(strip_tags($_POST['password']));
  
  if(!$username||!$password)
  echo "ecnter a username and a pssword";
  else
  {
  // Her logger brukern seg inn!
  $login = mysql_query("SELECT * FROM users WHERE username='$username'");
  if (mysql_num_rows($login)==0)
  echo "no such user";
  else
  {
	while ($login_row = mysql_fetch_assoc($login))
	{
	
	//Får databsens passord!
	$password_db = $login_row['password'];
	
	//Krypteringen fra passordet!
	$password = md5($password);
	
	//Skjekk passord
	if ($password!=$password_db)
	echo "incorrect password";
	else
	{
	// skjekker om bruker har aktivert kontoen via linken!.
	$active = $login_row['active'];
	$email = $login_row['email'];
	
	if ($active==0)
		echo "You hassen activated your account, pleas cheack your email ($email)";
	else
	{
			$_SESSION['username']=$username; // assign session
			header("Location: index.php"); // refresh
	}
}
  }
}
}
}
?>
<form action='index.php' method='POST'>
Username:<br/>
<input type='text' name='username'><p />
Password:<br />
<input type='password' name='password'><P />
<input type='submit' name='login' value='Log in'>
</form>
  • 4 Contributors
  • 3 Replies
  • 192 Views
  • 9 Hours Discussion Span
  • Latest Post Latest Post by _coder
Member Avatar for Froger93

I would advise wrapping all queries inside the mysql_real_escape_string() function.

It seems as though between PHP and MySql they are not comming up with the same result.

Member Avatar for rch1231

Hello

You need spaces to separate the variable from the test:

//Skjekk passord
	if ($password != $password_db)
	echo "incorrect password";
	else
Edited by rch1231 because: forgot code markers
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.