Login problem

Question

Aser Gado 0 Junior Poster in Training

12 Years Ago

After successfully creating a registering system I can't use the login system I've created, it always gives the error message I've set "Wrong Email or Password" although the values are right!

The code for validating the login process:

<?php

$con = mysql_connect("***","*****","****");

mysql_select_db("*****", $con);

$emailin=$_POST['emailin'];
$passwordin=$_POST['password']; 

$emailin = stripslashes($emailin);
$passwordin = stripslashes($passwordin);
$emailin = mysql_real_escape_string($emailin);
$passwordin = mysql_real_escape_string($passwordin);

$sql="SELECT * FROM users WHERE email='$emailin' and password='$passwordin'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){
session_register("emailin");
session_register("passwordin");
header("location:profile.php");
}
else {
echo "Wrong Email or Password";
}

?>

Thanks

php

3 Contributors
3 Replies
87 Views
6 Hours Discussion Span
Latest Post 12 Years Ago Latest Post by Aser Gado

pritaeas 2,194 ¯\_(ツ)_/¯

12 Years Ago

Try this, and show us the output:

$sql = "SELECT * FROM users WHERE email='$emailin' and password='$passwordin'";
echo $sql;
$result = mysql_query($sql) or die(mysql_error());
$count = mysql_num_rows($result);
echo $count;

Edited 12 Years Ago by pritaeas because: n/a

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

dean8710 -3 Junior Poster in Training · Answer 1 · 2012-02-08T20:33:29+00:00

you forget session_start()

if($count==1){
    //session_start — Initialize session data
    session_start();

    $_SESSION['login_email'] = $emailin;
    $_SESSION['login_password'] = $passwordin;

    session_register("emailin");
    session_register("passwordin");

    //Add additional member to cookie array as per requirement
    setcookie("email", $_SESSION['login_email'], time()+60*60*24*100, "/");

    header("location:profile.php");
}
else {
    echo "Wrong Email or Password";
}

Aser Gado 0 Junior Poster in Training · Answer 2 · 2012-02-08T20:55:35+00:00

@dean, it didnt fix the problem.

@pritaes, it gave me this:

SELECT * FROM users WHERE email='Aser.Gado@gmail.com' and password=''0Wrong Email or Password

EDIT: i Fixed it, here is the code i used:

// username and password sent from form 
$emailin=$_POST['emailin']; 
$passwordin=$_POST['passwordin'];

// To protect MySQL injection 
$emailin = stripslashes($emailin);
$passwordin = stripslashes($passwordin);
$emailin = mysql_real_escape_string($emailin);
$passwordin = mysql_real_escape_string($passwordin);

$sql="SELECT * FROM users WHERE email='$emailin' and password='$passwordin'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
if(mysql_num_rows($result) > 0){
  $data = mysql_fetch_array($result);
  $_SESSION['id'] = $data['id'];
  $_SESSION['username'] = $data['username'];
  header("location:login_success.php");
} else {
  echo "Wrong Username or Password";
}