Question:

Php MySQL Database Password problem???!!!?

by  |  earlier

0 LIKES UnLike

I've made in MySql a Database (members) and 1 table (users)

and 2 Fields in it:

1. username - varchar(30)

2. password - varchar(30)

In Php I've made: Register.php, login.php, members.php, logout.php.

Everything is alright it works, but when i Register whit a name example: John

password: 12345

It says registered successfully, but when i try to login whit "John" & "12345" It says: "Incorrect Password".

The username and the password has entered the database but the passoword is something like this: 0c10749e230a74b09c6b0e7af.

I've tried whit this password too but it hasn't work.

So The Main Problem is that the password don't enters the database correctly or i don't know...

REGISTER.PHP:

<?php

// Connects to your Database

mysql_connect("localhost", "xy_admin", "xyz") or die(mysql_error());

mysql_select_db("xy_members") or die(mysql_error());

//This code runs if the form has been submitted

if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank

if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {

die('Kérem töltsön ki minden mezõt!

<a href=register.php>vissza</a>');

}

// checks if the username is in use

if (!get_magic_quotes_gpc()) {

$_POST['username'] = addslashes($_POST['username']);

}

$usercheck = $_POST['username'];

$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'")

or die(mysql_error());

$check2 = mysql_num_rows($check);

//if the name exists it gives an error

if ($check2 != 0) {

die('Sajnos a(z) '.$_POST['username'].' név már foglalt, kérem válasszon egy másik nevet.

<a href=register.php>vissza</a>');

}

// this makes sure both passwords entered match

if ($_POST['pass'] != $_POST['pass2']) {

die('A jelszavak nem egyeznek, kérem írja be ujból.

<a href=register.php>vissza</a>');

}

// here we encrypt the password and add slashes if needed

$_POST['pass'] = md5($_POST['pass']);

if (!get_magic_quotes_gpc()) {

$_POST['pass'] = addslashes($_POST['pass']);

$_POST['username'] = addslashes($_POST['username']);

}

// now we insert it into the database

$insert = "INSERT INTO users (username, password)

VALUES ('".$_POST['username']."', '".$_POST['pass']."')";

$add_member = mysql_query($insert);

?>

<h1>Sikeres regisztrácio!</h1>

<p>Köszönjük, hogy regisztrált, most már <a href=login.php>bejelentkezhet</a>.</p>

<?php

}

else

{

?>

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

<table border="0">

<tr><td>Név:</td><td>

<input type="text" name="username" maxlength="60">

</td></tr>

<tr><td>Jelszó:</td><td>

<input type="password" name="pass" maxlength="10">

</td></tr>

<tr><td>Jelszó ujra:</td><td>

<input type="password" name="pass2" maxlength="10">

</td></tr>

<tr><th colspan=2><input type="submit" name="submit" value="Regisztrálás"></th></tr> </table>

</form>

<?php

}

?>

Or the Problem is in the LOGIN.PHP???

 Tags:

   Report
Answer The Question I've Same Question Too

3 ANSWERS

Sort By: Date  |  Rating

  1. tuntis is correct


  2. I think you need to add an extension name to your SQL Configuration File.

  3. It looks like your register.php is ok if the data is getting into the database table.  The password is being encrypted with the MD5 hash on the line

    $_POST[&#039;pass&#039;] = md5($_POST[&#039;pass&#039;]);

    - this means that if anyone manages to access the users table, they still can&#039;t read the users&#039; passwords.  On the login.php, is this also being done? I&#039;m betting not if the authentication is failing - it is probably the unencrypted password being searched for rather than the encrypted one and so this search is (quite correctly) failing.

    Also, as another answer mentions, check your password field length in your table.

    http://en.wikipedia.org/wiki/Md5
You're reading: Php MySQL Database Password problem???!!!?

Question Stats

Latest activity: earlier.
This question has 3 answers.

BECOME A GUIDE

Share your knowledge and help people by answering questions.
Register Now