Another PHP code error for the day, help???

N

Nikita Bratsky2017-01-20 19:09:54

PHP

Nikita Bratsky, 2017-01-20 19:09:54

$connect = mysql_connect("localhost", "cj28778_bd", "1234567") or die(mysql_error());
 mysql_select_db("cj28778_bd");

if(isset($_POST['submit'])){
   $username = $_POST['username'];
   $login = $_POST['login'];
   $password = $_POST['password'];
   $r_password = $_POST['r_password'];
 }
 if ($password == $r_password) {
 	$password = md5($password);
 	$query = mysql_query("INSERT INTO users VALUES('','$username', '$login', '$password')") or die(mysql_error());
 }
 else{
 	die("Пароли не совпадают");
 }


 if (isset($_POST['enter'])) {
  $e_login = $_POST['e_login'];
  $e_password = md5($_POST['e_password']);


  $query = mysql_query("SELECT * FROM users WHERE login='$e_login'");
  $user_data = mysql_fetch_array($query);

  if ($user_data['password'] == $e_password) {
  	echo "Авторизация прошла успешно!";
  }
  else{
  	echo "Неверный пароль или логин";
  }
  
 }

Here is the code, and when trying to log in, "Incorrect password or login" is constantly displayed, regardless of the correctness of the password. To all this, when registering, two cells are created in the mysql table, the second row in the table matches the password, but there is no login and id

. 3 cells absolutely identical to each other can also be created

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

T

Tom Nolane, 2017-01-20
@NikBr_9

check echo'm the $e_password variable after md5. I think she's the problem. (perhaps it is empty at all) (or $e_login is empty)
p.s. Maybe the password is too long? do you have a password in mysql with a length of 26 and hashing - does not fit (respectively cuts off)?

A

Alexander Sharihin, 2017-01-20
@Pinsky

1. Escape the SQL parameters. Your site is already one big hole - you can do anything with the database.
2. Debugging is for wimps?