Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 3 days ago.
Improve this question
Im new to php and im building a login and registration form.
Everything works except when i click log in with a user credentials that are in my database my error for "user not found is showing.
I've included the code snippet for my error to see if i have typed something wrong.
protected function getUser($email, $pwd)
{
$stmt = $this->connect()->prepare("SELECT pwd FROM web WHERE lName = ? OR Email = ?;");
if (!$stmt->execute(array($email, $pwd))) {
$stmt = null;
header("location: ../index.php?error=stmtfailed");
exit();
}
if ($stmt->rowCount() == 0) {
$stmt = null;
header("location: ../index.php?error=usernotfound");
exit();
}
$pwdHashed = $stmt->fetchAll(PDO::FETCH_ASSOC);
$checkPwd = password_verify($pwd, $pwdHashed[0]["pwd"]);
if you need any more info let me know!
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 years ago.
Improve this question
My code looks like this and on my page (w-o-l.ml/login.php) it displays this message
Parse error: syntax error, unexpected end of file in /home/u536535282/public_html/includes/config.php on line 36
<?php
ob_start();
session_start();
//set timezone
date_default_timezone_set('America/New_York');
//database credentials
define('DBHOST','mysql.hostinger.co.uk');
define('DBUSER','u536535282_evan7');
define('DBPASS','anaavcnM9t7');
define('DBNAME','u536535282_dbsql');
//application address
define('DIR','http://w-o-l.ml/');
define('SITEEMAIL','it#w-o-l.ml');
try {
//create PDO connection
$db = new PDO("mysql:host=".DBHOST.";port=8889;dbname=".DBNAME, DBUSER, DBPASS.");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
//show error
echo '<p>'.$e->getMessage().'</p>';
exit;
}
//include the user class, pass in the database connection
include('classes/user.php');
include('classes/phpmailer/mail.php');
$user = new User($db);
?>
if someone could point me to what is wrong i would appreciate it
Looking at how SO parsed your code, I would say that
$db = new PDO("mysql:host=".DBHOST.";port=8889;dbname=".DBNAME, DBUSER, DBPASS.");
should be
$db = new PDO("mysql:host=".DBHOST.";port=8889;dbname=".DBNAME, DBUSER, DBPASS);
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
below is my simple login.php code, I created a user with
usermail: admin userpass: admin123
But whenever I try to login with admin account, it ignores the if statement and it opens the homepage.php, what might be the problem, thank you.
<?php
$connection = mysql_connect("localhost","user","password") or die("Could not connect to the database");
mysql_select_db("nisbet", $connection);
error_reporting(0);
if($_POST['login']){
if($_POST['usermail'] && $_POST['userpass']){
$usermail = mysql_real_escape_string($_POST['usermail']);
$userpass = mysql_real_escape_string(hash("sha512",$_POST['userpass']));
$user = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `usermail` = '$usermail'"));
if($user == 0){
die("User does not exits <a href='index.php'>← Back</a>");
}
if($user['userpass'] != $userpass){
die("Incorrect password! <a href='index.php'>← Back</a>");
}
//die("You are now logged in as $usermail !");
if($user['usermail'] == 'admin' && $user['userpass'] == 'admin123'){
header('Location: adminpage.php');
}else{
header('Location: homepage.php');
}
}
}
The $userpass variable contains a hash of the submitted password, so comparing it to "admin123" won't work.
You should compare it to the hash of "admin123" instead, or not comparing them a second time since you've already done that before in your code.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 9 years ago.
Improve this question
I am trying to create login system with access level but i the bellow code always shows please enter you password. please help me where i am wrong.
session_start();
if(isset($_REQUEST['submit'])) {
$username=$_POST['username'];
$mypassword=$_POST['password'];
if($username){
if($password){
require('conn/iclude.php');
$password=sha1($password);
$query=mysql_query("SELECT * FROM admin where name='$username'");
$numrow=mysql_num_rows($query);
if($numrow==1){
$row=mysql_fetch_assoc($query);
$dbid=$row['id'];
$dbuser=$row['name'];
$dbpass=$row['pass'];
$role=$row['role'];
if($password==$dbpass) {
$_SESSION['username']=$dbuser;
$_SESSION['useridid']=$dbid;
if($role == 1){
header('Location:admin.php');
}elseif ($role==2) {
header('Location:1/neasp.php');
}elseif ($role==3) {
header('Location:2/index.php');
}elseif ($role==4) {
header('Location:3/index.php');
}elseif ($role==5) {
header('Location:4/index.php');
}
}else{}
}else{
echo"Hello World";
}
}else{echo "You must enter your password";}
}else {echo "You must enter your name";}
}
thanks below is html form
$mypassword=$_POST['password'];
^^^^^^^^^^^ **MY** password
if($password){
^^----no **MY**
If your system was properly configured for debugging, e.g. display_errors and error_reporting turned on, you'd have gotten warnings about using undefined variables. A development/test system should *NEVER have these settings off in the first place.
You are also vulnerable to SQL injection attacks. Enjoy having your server pwn3d.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
I am trying to add a resend verification action to my login/register system using tampus login system. I am following this tutorial.
Okay I am not a fan of php frameworks so I will make this one for you with MySQL:
if(empty($_POST["user"]) || empty($_POST["pass"])){
echo "Missing values";
} else {
//You would need the mysql connection variable named $db_conn
$db_conn = mysqli_connect("localhost","user","pass","db_name");
$user = $_POST["user"];
$pass = md5($_POST["pass"]);//MD5 encrypt;
$sql = "SELECT id FROM users WHERE username='$user' AND password='$pass'"
$query = mysqli_query($db_conn,$sql);
if(mysql_num_rows($query) > 1){
//Do the login thingys like cookies and redirects
} else {
echo "Check your credentials";
}
}
I think I could not made it easier and better to understand
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
seem that I can't make it right.
Basically, three PHP files are used: - login.php, testconnect.php and numrows.php
numrows.php is the main file that first start played.
login.php and testconnect.php are good.
numrows.php:-
<?php
global $dbh1;
require_once "testconnect.php";
try
{
$stmt = $dbh1->prepare("select count(distinct mfg_code) from test");
$stmt->execute();
}
catch(PDOException $err)
{
$alertmsg = $err->getMessage();
}
$num = $stmt->fetch("PDO::FETCH_ASSOC:");
$num = json_encode($num);
echo $num;
?>
The log error from apache showed ""GET /testnumcards.php HTTP/1.1" 500 -". Again the error I encountered while debugging is "NetworkError: 500 Internal Server Error".
What is the right way to do?
Your problem not in making $dbh available but in inconsistent code and wrong syntax.
At least make your file this way, without all the useless and wrong code
<?php
require_once "testconnect.php";
$stmt = $dbh1->prepare("select count(distinct mfg_code) from test");
$stmt->execute();
$num = $stmt->fetch(PDO::FETCH_ASSOC); // note the proper syntax
$num = json_encode($num);
echo $num;
then look into error_log for the details