Nikita Bratsky2017-01-20 19:09:54
Nikita Bratsky, 2017-01-20 19:09:54

Another PHP code error for the day, help???

$connect = mysql_connect("localhost", "cj28778_bd", "1234567") or die(mysql_error());

   $username = $_POST['username'];
   $login = $_POST['login'];
   $password = $_POST['password'];
   $r_password = $_POST['r_password'];
 if ($password == $r_password) {
 	$password = md5($password);
 	$query = mysql_query("INSERT INTO users VALUES('','$username', '$login', '$password')") or die(mysql_error());
 	die("Пароли не совпадают");

 if (isset($_POST['enter'])) {
  $e_login = $_POST['e_login'];
  $e_password = md5($_POST['e_password']);

  $query = mysql_query("SELECT * FROM users WHERE login='$e_login'");
  $user_data = mysql_fetch_array($query);

  if ($user_data['password'] == $e_password) {
  	echo "Авторизация прошла успешно!";
  	echo "Неверный пароль или логин";

Here is the code, and when trying to log in, "Incorrect password or login" is constantly displayed, regardless of the correctness of the password. To all this, when registering, two cells are created in the mysql table, the second row in the table matches the password, but there is no login and id f9501bafe40648a988902bea029eab27.png. 3 cells absolutely identical to each other can also be created

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Tom Nolane, 2017-01-20

check echo'm the $e_password variable after md5. I think she's the problem. (perhaps it is empty at all) (or $e_login is empty)
p.s. Maybe the password is too long? do you have a password in mysql with a length of 26 and hashing - does not fit (respectively cuts off)?

Alexander Sharihin, 2017-01-20

1. Escape the SQL parameters. Your site is already one big hole - you can do anything with the database.
2. Debugging is for wimps?

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question