Problem in my login script. In my script password in md5 hash in the registration. registration is successful and the password is in md5 form in the database table.
But whenever I try to login is not == with md5 password in the database.
Code
<?php
include 'dbconnect.php';
if(!$_POST['submit'])
{
?>
<html>
...
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<p>Username :</br>
<input type="text" name="username" maxlength="20">
</p>
<p>Password :</br>
<input type="password" name="password" maxlength="20">
</p>
<p>
<input type="submit" name="submit" value="Submit">
</p>
</form>
...
</html>
<?php
}
else
{
$username = cleanString($_POST['username']);
$password = cleanString($_POST['password']);
if($username && $password)
{
$password = md5($password);
$sql="SELECT id,username FROM `users` WHERE `username`='$username' AND `password`='$password'";
$query=mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($query) > 0)
{
$row = mysql_fetch_assoc($query);
$_SESSION['id'] = $row['id'];
$_SESSION['username'] = $row['username'];
echo "<script type=\"text/javascript\">window.location=\"members_area.php\"</script>";
}
else
{
echo "<script type=\"text/javascript\">
alert(\"Your username or password is incorrect\");
window.location=\"index.php\"</script>";
}
}
else
{
echo "<script type=\"text/javascript\">
alert(\"You need to input your username and password\");
window.location=\"index.php\"</script>";
}
}
?>
Anyone can please help me for correct my problem
Thanks in Advnace
But whenever I try to login is not == with md5 password in the database.
Code
<?php
include 'dbconnect.php';
if(!$_POST['submit'])
{
?>
<html>
...
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<p>Username :</br>
<input type="text" name="username" maxlength="20">
</p>
<p>Password :</br>
<input type="password" name="password" maxlength="20">
</p>
<p>
<input type="submit" name="submit" value="Submit">
</p>
</form>
...
</html>
<?php
}
else
{
$username = cleanString($_POST['username']);
$password = cleanString($_POST['password']);
if($username && $password)
{
$password = md5($password);
$sql="SELECT id,username FROM `users` WHERE `username`='$username' AND `password`='$password'";
$query=mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($query) > 0)
{
$row = mysql_fetch_assoc($query);
$_SESSION['id'] = $row['id'];
$_SESSION['username'] = $row['username'];
echo "<script type=\"text/javascript\">window.location=\"members_area.php\"</script>";
}
else
{
echo "<script type=\"text/javascript\">
alert(\"Your username or password is incorrect\");
window.location=\"index.php\"</script>";
}
}
else
{
echo "<script type=\"text/javascript\">
alert(\"You need to input your username and password\");
window.location=\"index.php\"</script>";
}
}
?>
Anyone can please help me for correct my problem
Thanks in Advnace