user name and password are not working - php

Folks, Please check my code..am executing the below code by http://localhost/mycart/login.php?is_ajax=1&username=srini&password=srini Then am getting this error even though passing valid user name and password. kindly help me thanks
mysql_num_rows() expects parameter 1 to be resource, boolean given in
C:\wamp\www\mycart\login.php on line 25 and username 'srini' and password 'srini' not found
<?php
$is_ajax = $_REQUEST['is_ajax'];
if (isset($is_ajax) && $is_ajax) {
error_reporting(E_ALL ^ E_NOTICE);
$uname = $_REQUEST['username'];
$pword = $_REQUEST['password'];
$uname = htmlspecialchars($uname);
$pword = htmlspecialchars($pword);
echo $uname;
echo $pword;
$con = mysql_connect("localhost", "root", "root");
if (!$con) {
die('Connection Failed' . mysql_error());
}
mysql_select_db("test", $con);
$result = mysql_query("SELECT * FROM login WHERE L1 = $uname AND L2 = $pword");
$num_rows = mysql_num_rows($result);
if ($num_rows > 0)
echo "success";
else
echo "username '{$uname}' and password '{$pword}' not found";
mysql_close($con);
}
?>

Your result is probably false. Try this:
$result = mysql_query("SELECT * FROM login WHERE L1 = '".$uname."' AND L2 = '".$pword."'");

Use ' in your SQL query to mask string values:
$result = mysql_query("SELECT * FROM login WHERE L1 = '" . $uname . "' AND L2 = '" . $pword . "'");

Related

mysqli_num_rows return 0 always

here am trying to get username and password from the database and if their result is found then redirect to some page but mysqli_num_rows returns 0 always i dunno why `
if (isset($_POST['login'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$query = "SELECT * FROM `login` WHERE username = '$username' AND password = '$password'";
$run = mysqli_query($con,$query);
if (mysqli_num_rows($run) == 1) {
header("location: login.php");
}}?>
`
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "ornament"; // My local DB Name
$conn = mysqli_connect($servername, $username, $password, $dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$username = "test"; // $_POST["username"] value
$password = "test"; // $_POST["password"] value
$sql = "SELECT * FROM `ornament` WHERE username = '$username' AND password = '$password'";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) == 1) {
echo "correct";
} else {
echo "wrong";
}
mysqli_close($conn);
?>
</body>
</html>
OUTPUT:
correct
I have a database name and table name are same, But for me it's working fine.
NOTE: Please check the whether you are using correct password while getting from POST.
Any how you got a solution, Have a great day
Thanks
Muthu

Php getting id of current user not working

I was trying to make a page where you can log in and then change your nickname or/and password. Everything in mySQL database, but when I try to save the id to session variable, it doesn't work. Any suggestions?
I am using XAMPP, users is my table in database users, I'm not posting login form code, because it's very simple.
Everything is connected, code doesn't give any warnings or errors.
login.php (fragment):
$sql = "SELECT * FROM users WHERE nickname = '$myusername' and pass = '$mypassword' and confirmed = 1";
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
$logged = true;
while($row = mysqli_fetch_assoc($result)) {
echo "id: " . $row["id"];
$_SESSION['currentId'] = $row["id"];
echo 'Id: ' . $_SESSION['currentId'];
}
}else {
$error = "Your Login Name or Password is invalid";
}
}
change.php (whole):
<?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "Users";
$currentId = $_SESSION['currentId'];
if($currentId<1){echo 'No Id.';}
else {echo 'CurrentId: ';
echo $currentId;}
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
echo "Connected successfully <br>";
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$aCUname = mysqli_real_escape_string($conn,$_POST['CUname']);
$aCUpass = mysqli_real_escape_string($conn,$_POST['CUpass']);
$sql = "UPDATE users SET nickname = '$aCUname', pass = '$aCUpass' WHERE id = '$currentId';";
$result = mysqli_query($conn,$sql);
echo 'Updated successfully.';
}
?>
Thanks for help.
I got a solution. I just had to delete
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
from login.php. Thanks to #Shashikumar Misal !

Log in script shows blank page

This code does not seem to be working. It only shows a blank page when I click the login button. What could be the issue.
<?php
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$con = mysql_connect("localhost","root","root");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("register", $con);
$query =("SELECT * FROM users WHERE username = '". $username ."' AND password = '". $password ."' LIMIT 1");
$count = mysql_num_rows($query);
if ($count == 0) {
echo 'Error: username or password wrong ';
} else {
echo "Registration Successful, redirecting";
header("refresh:3; url=login.html");
mysql_close($con)
?>
Use an IDE not only an Editor!
Using my IDE it showed me an error right away and it was quite easy to fix afterwards:
<?php
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$con = mysql_connect("localhost","root","root");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("register", $con);
$query =("SELECT * FROM users WHERE username = '". $username ."' AND password = '". $password ."' LIMIT 1");
$count = mysql_num_rows($query);
if ($count == 0) {
echo 'Error: username or password wrong ';
} else {
echo "Registration Successful, redirecting";
}
header("refresh:3; url=login.html");
mysql_close($con);
?>
You forgot the closing curly brackets of the else part AND the semi colon in your second last line!

php query alwaysfalse no matter what

I have tried to read and do (incorporate) anything I find on here. But I have not found the solution. I'm using wamp server and I have a user table with 2 users one with email and password as test and test1 and no matter what I try the if statement always returns false.
<?php
$user = "root";
$pass = "";
$db = "testdb";
$db = new mysqli("localhost", $user, $pass, $db) or die("did not work");
echo "it connected";
$email = "test";
$pass1 = "test1";
$qry = 'SELECT * FROM user WHERE email = " '. $email .' " AND password = " '.$pass1.' " ';
$result = mysqli_query($db, $qry) or die(" did not query");
$count = mysqli_num_rows($result);
if( $count > 0)
echo " found user ";
else
echo " did not find user or password";
?>
I have tried to augment mysqli_num_rows but then it comes out always true
You have spaces in your query around your variables:
" '. $email .' "
change to:
"'. $email .'"
MySQL will take those spaces literally when it searches for matches.
I needed to eliminate the blank spaces in the encapsulation of the variable
<?php
$user = "root";
$pass = "";
$db = "testdb";
$db = new mysqli("localhost", $user, $pass, $db) or die("did not work");
echo "it connected";
$email = "test";
$pass1 = "test1";
$qry = 'SELECT * FROM user WHERE email = "'. $email .'" AND password = "'.$pass1.'"';
$result = mysqli_query($db, $qry) or die(" did not query");
$count = mysqli_num_rows($result);
if( $count > 0)
echo " found user ";
else
echo " did not find user or password";
?>
If you are using mysqli class version then you should use like below :
<?php
$user = "root";
$pass = "";
$db = "testdb";
$mysqli = new mysqli("localhost", $user, $pass, $db);
$email = "test";
$pass1 = "test1";
$qry = sprintf('SELECT * FROM user WHERE email = "%s" AND password = "%s"',$email,$pass1);
$result = $mysqli->query($qry);
$count = $result->num_rows;
if( $count > 0)
echo " found user ";
else
echo " did not find user or password";
$mysqli->close();
?>

error when i call function that contain mysql connection

---------------conn.php-----------------
<?php
session_start();
function conn{
$hostname = "localhost";
$userDB = "root";
$password = "";
$databaseName = "forum";
$con = mysql_connect($hostname, $userDB, $password) or
die("failed to connect");
mysql_select_db($databaseName, $con) or
die("failed to connect with database");
}
?>
---------------------logindata.php------------
<?php
session_start();
conn();
$myusername = mysql_real_escape_string($_POST['username']);
$mypassword = mysql_real_escape_string($_POST['password']);
$query = mysql_query("select * from users where username = '" . $myusername . "' and password = '" . $mypassword . "' ");
if (mysql_num_rows($query) < 1) {
echo "wrong";
} else {
$_SESSION['username'] = $myusername;
$query = mysql_query("select * from users where username = '" . $myusername . "' and password = '" . $mypassword . "' ");
$row = mysql_fetch_assoc($query);
$_SESSION['id'] = $row['id'];
$_SESSION['name'] = $row['name'];
$_SESSION['email'] = $row['email'];
echo '<meta http-equiv="Refresh" content="0; URL=posts.php" />';
}
mysql_close($con);
?>
The error appears is (( ( ! ) Fatal error: Call to undefined function conn() in C:\wamp\www\TechnologySociety\logindata.php on line 6
))
when i call the function
You need to include conn.php in logindata.php
//logindata.php
<?php
....
include("conn.php");
session_start();
You are calling session_start() twice, so that will generate another error.
You should also look at using mysqli instead of mysql
you only need to start the session ones -- session_start();
you doc session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.
also don't forget to include the connection function..
include_once('conn.php');
Try this code for logindata.php
<?php
require('conn.php');
session_start();
conn();
$myusername = mysql_real_escape_string($_POST['username']);
$mypassword = mysql_real_escape_string($_POST['password']);
$query = mysql_query("select * from users where username = '" . $myusername . "' and password = '" . $mypassword . "' ");
if (mysql_num_rows($query) < 1) {
echo "wrong";
} else {
$_SESSION['username'] = $myusername;
$query = mysql_query("select * from users where username = '" . $myusername . "' and password = '" . $mypassword . "' ");
$row = mysql_fetch_assoc($query);
$_SESSION['id'] = $row['id'];
$_SESSION['name'] = $row['name'];
$_SESSION['email'] = $row['email'];
echo '<meta http-equiv="Refresh" content="0; URL=posts.php" />';
}
mysql_close($con);
?>
--------------- logindata.php ------------
at this line at the top of logindata.php
include_once("conn.php");
you are missing
required conn.php
before
conn();
Also in logindata.php there is no need to call
session_start();
since it is already called in conn.php and after including it with required() it will be added and called
also in conn.php add parentheses to the function definition
function conn(){
change
function conn{
to:
function conn(){
and return the connection at end of function
function conn(){
$hostname = "localhost";
$userDB = "root";
$password = "";
$databaseName = "forum";
$con = mysql_connect($hostname, $userDB, $password) or
die("failed to connect");
mysql_select_db($databaseName, $con) or
die("failed to connect with database");
return $con;
}
who you should call,
$link = conn();
$query = mysql_query($sql, $link);

Categories