LOGIN error

kkk

Hi, Just wondering if someone could help me please. Below I have code for my user login. I have entered some data manually in my database. However, when I try to login I get the error: "I'm sorry, no such user currently exists on our database or an incorrect password has been supplied. Please try again" Although I know that the username and password that I have supplied is correct (from what I have manually placed in the database). Could someone tell me how I'm going wrong please.

<?php
session_start();
require_once ("Connections/connection_properties.php"); //database connection 
$thisPage = $_SERVER['PHP_SELF'];  //the name of the current page 

if(isset($_REQUEST['submit'])) {
	//the form was submitted; submit button "Sign in" was pressed

if(isset($_REQUEST['username']) && !empty($_REQUEST['username'])) {
	$username = $_REQUEST['username'];
} else {
	$username = null;
}

if(isset($_REQUEST['password']) && !empty($_REQUEST['password'])) {
	$password = $_REQUEST['password'];
} else {
	$password = null;
}


//Using the username and password supplied, a query is used to check the database to see if the the user exists
$checkLoginQuery = "SELECT * FROM user WHERE userID='$username' AND password = password('$password')";
$checkLoginResult = mysql_query($checkLoginQuery) or die(mysql_error());

if (mysql_num_rows($checkLoginResult)==1) {
	//this user exists in the database

	//find out if he is an admin or a user
	$checkLoginRow = mysql_fetch_array($checkLoginResult);
	$isAdmin = $checkLoginRow['isAdmin'];
	$thisUserID = $checkLoginRow['userID'];
	$_SESSION['isAdmin'] = $isAdmin;
	$_SESSION['thisUserID'] = $thisUserID;
	/*if ($isAdmin) {
		echo "the user is an admin\n";
	} else {
		echo "the user is a non-admin\n";
	}*/
	 header("location:welcome.php");

} else {
	echo "I'm sorry, no such user currently exists on our database or an incorrect password has been supplied. Please try again";
}


} else {
	//the form has not been submitted
?>

<head>
<title>Login</title>
</head>

<body>
<form name="login_form" form action="<?php echo $thisPage; ?>" method="post"><fieldset><legend>Login</legend>
<label for= "username" >Username :</label>
<input name="username" type="text" size="20" maxlength="20" />
<br />
<label for= "password" >Password :</label>
<input name="password" type="password" size="20" maxlength="15" />
<br /> 

<br /> 
<input name="submit" type="submit" value="Sign In" />
<input name="reset" type="reset" value="Clear" /></fieldset>
</form>
</body>
</html>

<?php
}
?>

bradgrafelman

When posting PHP code, please use the board's [noparse]

..

[/noparse] bbcode tags as they make your code much easier to read and analyze.

As for your problem, how did you manually enter in the credentials you're trying?

EDIT: Also, please do not cross-post the same issue across multiple forums.

kkk

thankyou,

I created usernames and passwords directly into the mysql database.

I'm unsure why the php login isn't working? Please help.

bradgrafelman

kkk;10978742 wrote:
I created usernames and passwords directly into the mysql database.

That doesn't really tell us anything. Can you show us the exact SQL query used?

Also, can you show us the CREATE TABLE syntax that describes this table? Specifically, what type (and length, if applicable) is the password column?

Derokorian

Are you sure you told mysql to use the password function on your password when you input it manually? Did you type it directly in say phpMyAdmin without setting the password function? If so you password is stored raw, and you are encoding the comparison.