Hi everyone,
I'm trying to validate the password entered by the user with the password in the database. I've worked out that it checks the username fine (if the username doesn't exist it displays an error), however when it tries to validate the password with the mysql password it never works. The working 'example' is at http://scapersclearing.com/fansite/login.php;and this is the PHP (note base.php contains the database information and header.php, navigation.php and footer.php and all front-end). I'm planning on adding html entities and preventing SQL injection once this works. Username: Test - Password: password89 (md5 c1c2434f064da663997b1a2a233bf9f6)
Code: <?php
include("base.php"); //Include MySQL connection
$username = $_POST['username']; //Connect form username with strings
$password = $_POST['password']; //Connect form password with strings
$salt = "xia8u28jd0ajgfa"; //Define the salt string
$salt2 = "oqipoaks42duaiu"; //Define the second salt string
$password = md5($salt.$password.$salt2); //Encrypt the password
$result = mysql_query("SELECT * FROM members WHERE username = '".$username."'"); //Open the members table
while($row = mysql_fetch_array( $result )) { //Convert the members table into an array
if ( $username != $row['username'] ) { //If user entered username doesn't equal the database username
include("header.php"); //Print the message
include("navigation.php");
echo "Invalid username or password!";
include("footer.php");
}
else {
$username = $username_new;
$password = $password_new;
if ( $row['password'] == $password_new ) { //Validate username and password
setcookie('c_username', $username_new, time()+6000); //Set the username cookie
setcookie('c_password', $password_new, time()+6000); //Set the cookie
header("Location:index.php"); //Redirect to home page
} else {
include("header.php"); //Print the message
include("navigation.php");
echo "<div class="content"><p>Invalid username or password!<p></div>";
include("footer.php");
} } }
?>
help with multi-update
Now sure how to ask this really....
Sql and php order list script problems
Hi im having a few problems with trying to get the coding right on a orders list ive done (or trying to do) for a custom shopping cart im making... For some reason it comes up with all the orders in
Searching keywords from array
Hello everyone, Im just wondering if someone could help me with another issue im having. Im still learning PHP and I have been for a few months now, but every now and then I get stuck on small things.
script is pulling more then they have....
I have this script for my game where they can change there race. This will cost them 2,500 points. However in our database points are called crystals. If the person has 500 points, and the script
Form a inline view based on the results of the previous query?
Hi Experts,
How would I protect......
I have a from, actually, a good amount of forms. How can I make it so you can't type the characters: '!~*&^%().;-_ in the form? Where it completely blocks those characters
Passing Arguments to execlp()
I'm writing a program that mimics a unix shell. It's supposed to take commands with arguments and execute them. I'm having trouble passing in the arguments into the execlp call to correctly execute
Strange array issue, never happened before.
mysql_fetch_array returns 1 array per call. Generally that's why it is inserted into a while statement. I generally loop through them in a while statement and put them all in a master array so I
PHP search multiple input field box help
I am having a problem with my search script. At current it will simply search by a selected date which is a java based calendar that displays when using id='datedisplay' in the input form field below.
How to login with SAPCPIC userid
I have changed the Password for SAPCPIC in Development Server for 000,001 and 100 client.
