Member Avatar for RainaAnja

i have a problem,i log in even though im not registered in database,
please help me urgent!!!!!!!!!!!!

  • 3 Contributors
  • 9 Replies
  • 171 Views
  • 1 Hour Discussion Span
  • Latest Post Latest Post by mohan@nano
Member Avatar for mohan@nano

have u connected with database for the registration form

Member Avatar for Bachu

Can you show me your code ?

For reference Click Here

Member Avatar for RainaAnja 
<?php
include 'connectMySql.php';


session_start();
if(isset($_POST['login']))
{
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']);
    if($username && $password)
    {

        $query = mysql_query("SELECT * FROM users  WHERE username = '$username'");
        while($row=mysql_fetch_assoc($query))
        {
            $username = $row['username'];
            $password = $row['password'];
        }
        if($username==$username && $password==$password)
        {
            $_SESSION['username'] = $username;
            $_SESSION['password'] = $assword;
            header("location:members.php");
        }
        else
        {
            header("location:index.php?notify=Incorrect Username or Password.");
        }
    }
    else
    {
        header("location:index.php?notify=All fields are required.");
    }
}

?>
Member Avatar for Bachu

Try this

<?php
include 'connectMySql.php';

session_start();
if(isset($_POST['login']))
{
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']);
    if($username && $password)
    {
        $query = "SELECT * FROM users  WHERE username = '$username' AND password = '$password'";
        $result=mysql_query($query);
        $count=mysql_num_rows($result);

        if($count>0)
        {
            $_SESSION['username'] = $username;
            $_SESSION['password'] = $password;
            header("location:members.php");
        }
        else
        {
            header("location:index.php?notify=Incorrect Username or Password.");
        }
    }
    else
    {
        header("location:index.php?notify=All fields are required.");
    }
}

?>
Edited by Bachu because: text correction
Member Avatar for RainaAnja

now it does not log in registered users

Member Avatar for mohan@nano 
   <?php
    include 'connectMySql.php';
    session_start();
    if(isset($_POST['login']))
    {
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']);
    if($username && $password)
    {
    $query = mysql_query("SELECT * FROM users WHERE username = '$username' AND password='$password'");
    while($row=mysql_fetch_assoc($query))
    {
    $username = $row['username'];
    $password = $row['password'];
    }
    if($username==$username && $password==$password)
    {
    $_SESSION['username'] = $username;
    $_SESSION['password'] = $password;
    header("location:members.php");
    }
    else
    {
    header("location:index.php?notify=Incorrect Username or Password.");
    }
    }
    else
    {
    header("location:index.php?notify=All fields are required.");
    }
    }
    ?>
Edited by mohan@nano because: wrongly typed
Member Avatar for RainaAnja

it logs in an unregistered user again

Member Avatar for mohan@nano

have you tried with already registerd users ... if u do like that means .. what error u should get ..

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.