PDA

Click to See Complete Forum and Search --> : mySQL help please

mg8
11-08-2003, 01:46 PM
Hey. I'm having a problem :p

I'm not sure what it is but I get errors, like:

Error. Incorrect password $1$s2.T60SG$cwq38f0oACGBEae4osL25/ doesn't match

That is the main on I get.

Thanks :)

This is my register1.php page.

<?
$username = $HTTP_POST_VARS['username'];
$password = $HTTP_POST_VARS['password'];
$passwordcheck = $HTTP_POST_VARS['passwordcheck'];
$table = "users";

$password = crypt($password, $password);
$passwordcheck = crypt($passwordcheck, $password);

if ($password == $passwordcheck)
{
$connect = mysql_connect("localhost:2082","dragon_mystic", "misawam")
or die("Could not connect: " . mysql_error());
$insert = mysql_db_query("dragon_main", "INSERT INTO ".$table." (displayname,encpassword)
VALUES ('".$username."','".$password."')")
or die("Query error: " . mysql_error());
if ($insert)
{
echo "Registration complete!<br><br><br><br>";
echo "Login<br><br>";
?>
<form action="../../login.php" name="form" method="post">
Username: <input type="text" name="username"><br><br>
Password: <input type="password" name="password"><br><br>
<input type="submit" value="Submit" name="submit">
</form>
<?

}
}
else
{
echo "Your passwords do not match. Please go back. ".$password." = 1 ".$passwordcheck." = 2";
}
?>



This is login.php

<?
$username = $HTTP_POST_VARS['username'];
$password = $HTTP_POST_VARS['password'];
$password = crypt($password, $password);
$table = "users";
$test = "No";
$connect = mysql_connect("host","name", "password")
or die("Could not connect: " . mysql_error());
$lookUser = mysql_db_query("dragon_main","SELECT displayname FROM ".$table." WHERE displayname = '".$username."'")
or die(mysql_error());
$verifyUser = mysql_result($lookUser,0);
$lookPass = mysql_db_query("dragon_main","SELECT encpassword FROM ".$table." WHERE displayname = '".$username."'")
or die(mysql_error());
$verifyPassword = mysql_result($lookPass,0);
if ($username == $verifyUser)
{
if ($password == $verifyPassword)
{
$test = "yes";
header("Location: /index.shtml");
}
else
{
die("Error. Incorrect password ".$password." doesn't match ".$verifyPass);
}
}
else
{
die("Error. Unknown username");
}
?>

Thanks again!
DaiWelsh
11-11-2003, 11:12 AM
ok, firstly your error message is wrong you have

die("Error. Incorrect password ".$password." doesn't match ".$verifyPass);


but it should use $verifyPassword like the rest of the script.

Secondly you don't need to do two queries to get username and password, change to

$lookUser = mysql_db_query("dragon_main","SELECT displayname,encpassword FROM ".$table." WHERE displayname = '".$username."'")
or die(mysql_error());
$verifyUser = mysql_result($lookUser,0);
$verifyPassword = mysql_result($lookUser,1);

to save yourself some server load.

Then if the fixed error message does not help you track the problem down I would advise you to first of all test it with all the crypt calls commented out so that you are using plain passwords. That way if the passwords don't macth it should be more obvious what has gone wrong. Then when you have it working, put the crypt calls back in and it should still work the same way.

HTH,

Dai