Jump to content
php.lv forumi

login.php

ziedinjsh

By ziedinjsh
in Iesācējiem

 Share

Recommended Posts

ziedinjsh Newbie

ziedinjsh

Posted
Posted

Kas šeit nav pareizi.. kad meiģinu ielogoties viņš rāda visu laiku bad login, bet kapēc? it kā jau visam vajadzētu būt, vai arī esmu kaut kur kļūdījies?

<?php
session_start();
include "misc/config.php";
$status = (isset($_GET['status'])) ? $_GET['status'] : '';

if(isset($_POST['login'])){

$email = strip_tags($_POST['email']);
$password = strip_tags($_POST['password']);


$query = sprintf("SELECT ID FROM users WHERE email = '%s' AND password = '%s' LIMIT 1;", mysql_real_escape_string($email), mysql_real_escape_string($password));
$result = mysql_query($query);
if(1 != mysql_num_rows($result)) {

header('Location: login.php?status=error');
}else{
$row = mysql_fetch_assoc($result);

$_SESSION['user_ID'] = $row['ID'];
header('Location: login.php?status=done');
}
}
if ($status == 'error'){
echo "<span style='color:#ff0000'>bad login</span>";
}
echo "<form method='post' action='".$_SERVER['PHP_SELF']."'>";
echo "<table><tr>";
echo "<td>email</td><td><input type='text' name='email'></td>";
echo "</tr><tr>";
echo "<td>password</td><td><input type='password' name='password'></td>";
echo "</tr><tr>";
echo "<td></td><td><input type='submit' name='login' value='Login'>";
echo "</tr></table>";


if($status == 'done'){
echo "Wecome to member page";
}
?>

 

varbūt viņš nenolasa password pie: 

$password = strip_tags($_POST['password']);

jo pie register man ir 

$password = md5($_POST[password]);

Link to comment
Share on other sites
rATRIJS Newbie

rATRIJS

Posted
Posted (edited)

Ja tev datu bāzē glabājās md5($password), tad tu nevari sameklēt "SELECT * FROM users WHERE password = $password". Tev vajag meklēt pēc md5($password).

 

$query = sprintf("SELECT ID FROM users WHERE email = '%s' AND password = '%s' LIMIT 1;", mysql_real_escape_string($email), md5($password));

Edited by rATRIJS
Link to comment
Share on other sites
ziedinjsh Newbie

ziedinjsh

Posted
  • Author
Posted (edited)

kas man ir jādara ar ?

$email = strip_tags($_POST['email']);
$password = strip_tags($_POST['password']);

ieliku query ar md5($password) kā ir augstāk norādīts.

ielku šo:

$result = mysql_query($query) or die(mysql_error);

erroru neizmeta, bet es paskatījos caur phpmyadmin tabulās dati ir.

 

es meiģināju šādi:

$email = strip_tags($_POST['email']);
$password = md5($_POST['password']);

Vienalga izmet bed login..

izņēmu ārā tās rindiņas, arī neiet.. tā kā viņš tur ir tagad tā arī niet! nesaprotu..

 

tas viss tagad izskatās šādi:

<?php
session_start();
include "misc/config.php";
$status = (isset($_GET['status'])) ? $_GET['status'] : '';

if(isset($_POST['login'])){

$email = strip_tags($_POST['email']);
$password = strip_tags($_POST['password']);

$query = sprintf("SELECT ID FROM users WHERE email = '%s' AND password = '%s' LIMIT 1;", mysql_real_escape_string($email), md5($password));
$result = mysql_query($query) or die(mysql_error);
if(mysql_num_rows($result) != 1){ 

header('Location: login.php?status=error');
}else{
$row = mysql_fetch_assoc($result);

$_SESSION['user_ID'] = $row['ID'];
header('Location: login.php?status=done');
}
}
if ($status == 'error'){
echo "<span style='color:#ff0000'>bad login</span>";
}
echo "<form method='post' action='".$_SERVER['PHP_SELF']."'>";
echo "<table><tr>";
echo "<td>email</td><td><input type='text' name='email'></td>";
echo "</tr><tr>";
echo "<td>password</td><td><input type='password' name='password'></td>";
echo "</tr><tr>";
echo "<td></td><td><input type='submit' name='login' value='Login'>";
echo "</tr></table>";


if($status == 'done'){
echo "Welcome to member eare";
}
?>

Edited by ziedinjsh
Link to comment
Share on other sites
briedis Apprentice

briedis

Posted
Posted

briedis, nedomāju. Vai esmu palaidis kaut ko garām, kopš kura laika mysql_num_rows skaitu cenšas salīdzināt ar definēšanu (=) nevis ==?

 

if($a != $b) TRUE if $a is not equal to $b.
if($a !== $b) TRUE if $a is not equal to $b, or they are not of the same type. (introduced in PHP 4)

 

Nekādas definēšanas tur nav... definēšana būtu, ja būtu if(!($a = $b))

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...