Hi everyone,
I'm trying to validate the password entered by the user with the password in the database. I've worked out that it checks the username fine (if the username doesn't exist it displays an error), however when it tries to validate the password with the mysql password it never works. The working 'example' is at http://scapersclearing.com/fansite/login.php;and this is the PHP (note base.php contains the database information and header.php, navigation.php and footer.php and all front-end). I'm planning on adding html entities and preventing SQL injection once this works. Username: Test - Password: password89 (md5 c1c2434f064da663997b1a2a233bf9f6)
Code: <?php
include("base.php"); //Include MySQL connection
$username = $_POST['username']; //Connect form username with strings
$password = $_POST['password']; //Connect form password with strings
$salt = "xia8u28jd0ajgfa"; //Define the salt string
$salt2 = "oqipoaks42duaiu"; //Define the second salt string
$password = md5($salt.$password.$salt2); //Encrypt the password
$result = mysql_query("SELECT * FROM members WHERE username = '".$username."'"); //Open the members table
while($row = mysql_fetch_array( $result )) { //Convert the members table into an array
if ( $username != $row['username'] ) { //If user entered username doesn't equal the database username
include("header.php"); //Print the message
include("navigation.php");
echo "Invalid username or password!";
include("footer.php");
}
else {
$username = $username_new;
$password = $password_new;
if ( $row['password'] == $password_new ) { //Validate username and password
setcookie('c_username', $username_new, time()+6000); //Set the username cookie
setcookie('c_password', $password_new, time()+6000); //Set the cookie
header("Location:index.php"); //Redirect to home page
} else {
include("header.php"); //Print the message
include("navigation.php");
echo "<div class="content"><p>Invalid username or password!<p></div>";
include("footer.php");
} } }
?>
login from external site
Hi my new experience begins, Now what i am trying to do is i make three pages, login.php logout.php index.php . Now if i will not give correct detail i can not see the index.php ,all working perfect
problems with script
I made a small script wich exchanges points in my website: <?phpsession_start();include_once"config.php";$username = $_SESSION['username']; if(isset($_POST['exchange'])){$spoints =
Weekly Calendar
Hi, I am looking at creating a weekly calendar. The calendar will read from Monday - Sunday. Does anyone know of any examples or tutorails on how I can achieve this, as I have tried searching without
cURL and Sessions
Ohai.So, I'm trying to cURL a bunch of things off of a page, and put them into a session. I've added all of the items so they look like $_SESSION['fur'] = ge_item(6814)Now I just need to figure out
problem in program for counting no of chars using pointers
Hi all, I was trying to make a program which counts number of chars in a string using concpt of pointers. Following is the code:
image upload, resize THEN submit form
Ok so I have a form that requires the user to upload an image, and then do something with that image (using some ajax scripts), then fill out the rest of the form and submit. I have the upload script
Significance of BPM
Hi Experts,
How to show the difference between two data field in a database with php.
Hello php gurus,how r u all... i'm not so well facing a typical problem please help me...i'm working with php and mysql.my problem is...in a data base have two integer field like parent_id &
Regarding accessing SQL query issued by any user in Oracle 10g
Hi all,
An odd assignment statement. Can someone explain this assignment to me?
What purpose is served by the bit of code between the two equal signs in the $installurl set? Is this some sneaky way of setting $baseurl? I remember the code seemed to blow up when I took it