urgent help plz

efimmike

i cannot register and log in with the registered name even though the username and password is added in database.

e.g
if i am registered as

username :mike
password: 1234567

if i log in with this account, i have an error saying user does not exist. the error applies to both username and password.

at 1st i thought it was my md5 encryption, but i increased the password value in the db to 100

thanks





<?php
// login script
session_start (); // once loged in maintains session until user closes the session.

$username = $_POST["username"];
$password = $_POST["password"];

if($username && $password)
    {

  $connect= mysql_connect("localhost" , "root", "oooo") or die("Couldn't connect!");
  mysql_select_db("cms") or die ("couldn't find db");

    $query = mysql_query("SELECT * FROM users WHERE username='$username'"); //matching db username with that which has been typed.

   $numrows = mysql_num_rows( $query );  //count the number of rows that ve been retrieve from the db

  if($numrows!=0) //check whether a row has been return where it suply the username above

  {
     while( $row = mysql_fetch_assoc ($query)) //fetch each row from $query and put into $row array.
     {
        $dbusername = $row ['username']; // extract from db
        $dbpassword = $row ['password'];

 }
    if($username==$dbusername && md5($password)==$dbpassword)
    {
     echo ("You re in! <a href = 'member.php' > Click </a> here to enter the member page."); 

     $_SESSION ['username'] = $username; // set session for users
    }

      else
        echo("Incorrect password!");

  }
  else
     die("That user does not exist!");

 }   
    else
     die("Please enter a username and password");

?>


<?php
// member registration script
echo "<h1> Register </h1>" ;

$submit = $_POST['submit'];

$fullname = strip_tags ($_POST['fullname']); // stips off html codes if entered in the fields.
$username = strtolower (strip_tags($_POST['username'])); // strtolower changes the xters to lower case.
$password = strip_tags ($_POST['password']);
$repeatpassword = strip_tags ($_POST['repeatpassword']);
$date = date("Y-m-d");

if ($submit)
{

 //open db
          $connect= mysql_connect("localhost" , "root", "oooo") or die("Connection failled");
          mysql_select_db("cms") or die ("cannot find cms");// select db which is 'cms'

   $namecheck = mysql_query ("SELECT username FROM users WHERE username='$username' ");

$count =  mysql_num_rows ($namecheck);    //function check, returns # rows contanin within the query above.

echo "count";


//    if($count !=0)  // check to avoid duplication of users registration.
   //      {
    //     die ("username already exist");

     }



 //check existance
 if ($fullname &&$username && $password && $repeatpassword)
      {
        if ($password == $repeatpassword)
        {

      // check char length of username and fullname
    if (strlen ($username) >25 || strlen ($fullname) >25)
     {
        echo ("Length of username or fullname is too long");
     }

     else
        {
          // check password length

          if(strlen ($password) >25 || strlen ($password) <6)
   {
   echo "Password must be between 6 and 25 characters";
   }

   else
   {
   // register the user

   // encrypt password.
         $password = md5($password);                       
         $repeatpassword = md5($repeatpassword);  



  $queryreg = "INSERT INTO users (id, fullname, username, password,date)
    VALUES('','$fullname', '$username','$password','$date')";
    mysql_query($queryreg) or die(mysql_error());

    echo ("You ve been registered! <a href ='ndex.php'> Return to log in page </a>");

   }



        }


    }
      else
         echo "Your passwords do not match";

  }
  else
  echo "Please fill in <b>all</b> fields ";                                          



//}

?>







<html>
<p>
<form action="register.php" method="post" >

<table>
   <tr>
       <td>
       Your full name:
       </td>
       <td> <input type="text" name="fullname" value=" <?php echo $fullname; ?>" >
       </td>

   </tr>
<tr>
       <td>
       Choose a username:
       </td>
       <td> <input type="text" name="username" value=" <?php echo $username; ?>" >
       </td>
   </tr>

   <td>
   Choose a password:
   </td>
   <td> <input type="password" name="password">
   </td>

   </tr>

<tr>
       <td>
      Repeat Your password:
       </td>
       <td> <input type="password" name="repeatpassword">
       </td>

   </tr>

</table>

 <p>
 <input type="submit" name="submit"  value="Register">

</form>


</html>

halojoy

Put this test in beginning of your login script:

<?php
// login script
session_start (); // once loged in maintains session until user closes the session.

echo $_POST["username"].'<br />'.$_POST["password"];
exit(); // stop --- just DEBUGGING

$username = $_POST["username"];
$password = $_POST["password"];

if($username && $password)
    {

I could see nothing wrong with register script
and nothing wrong with the login script.
So, my wild guess is that it is somewhere in login form page.
With the <form method="post" action="loginpage.php">
If I am correct, then the DEBUG test I post here, will tell that values from form
does not correctly come to login page.
.... but sure, I could be wrong 😃

bradgrafelman

What's the value of the 'password' field in your database, and what password was used to create that row?

If the password data was truncated when it was created (e.g. you used a VARCHAR field that was too short), then simply increasing the length of the field won't fix previously-inserted rows.

efimmike

Thanks for your comments.
Please, how do i display the data from the database into my registered user page.
i.e

if an admin registers i want him to view his info on the page rather than going to the bd

after registration he should get a page like this

Username: Jay
Email:jay@cms.com
Affiliate:cms
etc

hope u understand what i mean. bcos the current page only shows u ve been registered without displaying the details.
What should i do
thanks