i have a simple html form with username and password boxes. When they click the submit button it fires a login script, which contains this line:

$query = mysql_query("select * from user where name = '$Name' and password = '$Password'");

problem is, a user can login with another users password ie

id ¦ pwd
user 1 ¦ pwd1
user 2 ¦ pwd2
user 3 ¦ pwd3

what happens is that user 1 can login with user 2 or 3's password and vice versa.

Any way around this, or a more secure statement?

When I did it, I used this to query the DB:

$query = "SELECT * FROM password WHERE username='$username'";$usename equaled the username the input into the form.

Then, I checked if the password in the DB for that row was the same as what the users had entered in the password box on the form. This will keep people from being able to enter their username with other passwords. It also has the advantage of being able to let users know if they entered their username or password incorrectly, as you can detect which of the two did not match up...

Well, I did use similar code and I could only get in with proper password. Check your code again with different values.

Arup Bhanja
Need a CMS? its here : http://arupbhanja.com

does that mean you have a db called password?

No, actually, password is the tablename.

i don't know if this is related but are you supposed to delcare all the variables in the php script at the top the same you would do with vb?

for every single variable in my php script i've declared it at the top as $var = $_POST['var'];

is this relevant, cos its still not working?

Yes, in the situation you posted, it is necessary, because not all servers have global variables enabled. If you post some code, perhaps someone will be able to notice an error that would keep it from working.

<html>
<head>
<title>User Log in</title>
</head>
<body>
<h2>Log in results</h2>
<?
$Name = $_POST['Name'];
$query = $_POST['query'];
$Password = $_POST['Password'];
$dbcnx = $_POST['dbcnx'];
$db = $_POST['db'];

$Name = stripslashes($Name);
$Password = stripslashes($Password);

if((!$Name) ||(!$Password))
{
echo "You did not submit the following information: <br>";
if (!$Name){
echo "You need to enter a User ID <br>";
}
if (!$Password){
echo"You need to enter a password <br>";
}

//show the login form again
include "dave.html";
exit();
}

//connect to database server
@ $dbcnx = mysql_connect("localhost", "root");
if (!$dbcnx)
{
echo ("Error: Could not connect to server");
}

//select database
$db = mysql_select_db("userdb", $dbcnx);
if (!$db)
{
echo ("Could not connect to database");
exit;
}

//login
$query =mysql_query( "select * from users where name= '$Name' and password = '$Password'");

if (!$query)
{
echo("incorrect user name");
exit();
}
else

{
echo ("<BR><BR><BR><BR>");
echo ("logged on! Welcome " .$Name);

?>
</body>
</html>

well just one thing that i noticed quickly glancing through your script (since i dont have much experience with MySQL) is that you forgot to close your else brackets right at the very end...other than that, im stayin out of this thread, lol...

I solved this problem :D

Heres what i added:

a check underneath the login to see if any rows were retrieved. If no rows are retrieved then the login must be invalid, therefore display an invalid login message:

so the login part looks like this now:

//login
$query = mysql_query("select * from users where name= '$Name' and password = '$Password'");

if (mysql_num_rows($query) > 0)
{
echo ("Logged In!");
}
else
{
echo ("Invalid login Information");
exit();
}


:)