StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POPHP: 'Sorry, you must enter a valid username and password to log in' error appearing even though the select statement from the database is correct
text
Body
copied!<p>I am having some problems with login validation using PHP. I am selecting the correct data from the database (have checked this using phpmyadmin) and if I echo a SELECT* the data shown is correct.</p> <p>However, when I enter the correct login details, the script is skipping to the error message 'Sorry you must enter a valid username and password to log in'.</p> <p>I have searched for everything I can think of to try and fix this (printing results of queries etc) but no luck. The code is below:</p> <pre><code><?php $link = mysql_connect('localhost:8889', 'root', 'root', 'help_me_be_healthy') or die('Could not connect: ' . mysql_error()); //mysql_select_db('help_me_be_healthy') or die('Could not select database'); $dbc = mysql_select_db('help_me_be_healthy', $link); if (!$dbc) { die("Database could not be selected" . mysql_error()); } // Start the session session_start(); // Clear the error message $error_msg = ""; // If the user isn't logged in, try to log them in if (!isset($_SESSION['user_id'])) { if (isset($_POST['submit'])) { // Connect to the database $dbc = mysqli_connect('localhost:8889', 'root', 'root', 'help_me_be_healthy'); echo one; // Grab the user-entered log-in data $username = mysqli_real_escape_string($dbc, trim($_POST['username'])); //echo $_POST ['username']; $password = mysqli_real_escape_string($dbc, trim($_POST['password'])); //echo $_POST ['password']; if (!empty($_POST['username']) && !empty($_POST['password'])){ // Look up the username and password in the database $query = "SELECT `user_id`, `username` FROM `users` WHERE `username` = '$username' AND `password` = SHA('$password')"; $data= mysql_query($dbc,$query); if (mysqli_num_rows($data) == 1) { // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page $row = mysqli_fetch_array($data); $_SESSION['user_id'] = $row['user_id']; $_SESSION['username'] = $row['username']; setcookie('user_id', $row['user_id'], time() + (60 * 60 * 24 * 30)); // expires in 30 days setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30)); // expires in 30 days $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php'; header('Location: ' . $home_url); echo four; } else { // The username/password are incorrect so set an error message $error_msg = 'Sorry, you must enter a valid username and password to log in.'; echo five; } } else { // The username/password weren't entered so set an error message $error_msg = 'Sorry, you must enter your username and password to log in.'; } } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Mismatch - Log In</title> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <body> <h3>Mismatch - Log In</h3> <?php // If the session var is empty, show any error message and the log-in form; otherwise confirm the log-in if (empty($_COOKIE['user_id'])) { echo '<p class="error">' . $error_msg . '</p>'; ?> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <fieldset> <legend>Log In</legend> <label for="username">Username:</label> <input type="text" id = "username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br /> <label for="password">Password:</label> <input type="password" id = "password" name="password" /> </fieldset> <input type="submit" value="Log In" name="submit" /> </form> <?php } else { // Confirm the successful log-in echo('<p class="login">You are logged in as ' . $_COOKIE['username'] . '.</p>'); } ?> </body> </html> </code></pre> <p>Any help would be much appreciated! </p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload