www.webdeveloper.com
Page 1 of 2 12 LastLast
Results 1 to 15 of 19

Thread: how to validate username and password in php

  1. #1
    Join Date
    Jul 2008
    Posts
    18

    how to validate username and password in php

    hi, i problem for my php codes. i already stored username and password in mysql db. now im using login page to enter username and password to check im entering correct or not. but i don`t know the coding. plz anybody send codes.byee..

  2. #2
    Join Date
    Mar 2006
    Posts
    413
    1. Post your username and password somewhere
    2. using the posted username, look in your db for the password (for that username)
    3. if Db-Password is same as post_Password = login

  3. #3
    Join Date
    Feb 2003
    Location
    Derby, UK
    Posts
    456
    Google for something like "PHP login script", there are countless free scripts, tutorials and demos to choose from.

  4. #4
    Join Date
    Jul 2008
    Posts
    18
    thanks for all. i wrote code it will work. but another problem, in my db many user and passwords.(for ex: in my db have 10 records). so, i check fifth records password and username ,but my display page shows last records data only. i know using loop, but i don`t know how to use for loop. i need detail query and loop functions. i paste my codes below.
    PHP CODE:

    <?php
    $con = mysql_connect("localhost","root","");
    mysql_select_db("mohamed",$con);
    $username=$_POST['user'];
    $password=$_POST['pass'];
    //First lets get the username and password from the user
    $result = mysql_query("SELECT * FROM newuser");
    while($row=mysql_fetch_array($result))
    {
    $user=$row['USER_NAME'];
    $pass=$row['PASS_WORD'];
    }
    $num=mysql_num_rows($result);echo $num;
    for($i=1;$i<=$num; $i++){

    if($username == $user && $password==$pass)
    {
    header("Location: display.php");
    }
    else if($password != $pass ||$username != $user )
    {
    echo("Please Enter Correct Username and Password ...");
    header("Location: test.php");
    }
    }

    ?>

  5. #5
    Join Date
    May 2006
    Location
    the netherlands
    Posts
    454
    you should change your query to something like this:

    PHP Code:
    "SELECT * FROM newuser WHERE USER_NAME='".mysql_real_escape_string($_POST['user'])."'"
    Then, just check if the amount of rows returned is equal to 1 (make sure the username has a unique key). If it's not, the username doesn't exist. If it is you can access the database data almost directly without having to loop or anything. And then of course the next thing you do is to validate the password.


    btw, i hope you removed the password from the code that you pasted and that you don't actually have a root user with a blank password.
    Anyways, when you post these things on a forum, it's best to remove these lines of code...
    Free Scripts (PHP, Javascript, MySQL), homemade in the Excudo Devshed
    Create your own personal Startpage for free

  6. #6
    Join Date
    Jul 2008
    Posts
    18
    hai themarty, i changed my coding to run the pgm. i put "echo" to check how to run the query? but it will show the query and one warning msg. i paste below these:

    SELECT * FROM abu WHERE USER_NAME='hjsvd'
    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\wamp\www\checklogin.php on line 10

    plz send detail query...
    byee..

  7. #7
    Join Date
    May 2006
    Location
    the netherlands
    Posts
    454
    that's impossible to say without knowing your code.
    so please post the relevant code.
    Free Scripts (PHP, Javascript, MySQL), homemade in the Excudo Devshed
    Create your own personal Startpage for free

  8. #8
    Join Date
    Jul 2008
    Posts
    18
    hai. i post relevant code:

    <?php
    $con = mysql_connect("localhost","root","");
    mysql_select_db("mohamed",$con);
    //$username=$_POST['user'];
    //$password=$_POST['pass'];
    //First lets get the username and password from the user
    //$result = mysql_query("SELECT * FROM abu");
    $result= "SELECT * FROM abu WHERE USER_NAME='".mysql_real_escape_string($_POST['user'])."'";
    echo $result;
    $num=mysql_num_rows($result);
    echo $num;
    for($i=1;$i<=$num; $i++){
    while($row=mysql_fetch_array($result))
    {
    $user=$row['USER_NAME'];
    $pass=$row['PASS_WORD'];
    }
    }


    if($username == $user && $password ==$pass)
    {
    header("Location: display.php");
    }
    else if($password!= $pass ||$username != $user )
    {
    echo("Please Enter Correct Username and Password ...");
    header("Location: test.php");
    }


    ?>

  9. #9
    Join Date
    May 2006
    Location
    the netherlands
    Posts
    454
    you are assigning a string - the query - to the variable $result, but you never actually execute the query. mysql_num_rows() needs a pointer to the result of a query, not the query(string) itself.

    http://www.php.net/mysql_num_rows
    Free Scripts (PHP, Javascript, MySQL), homemade in the Excudo Devshed
    Create your own personal Startpage for free

  10. #10
    Join Date
    Jul 2008
    Posts
    18
    thank themarty, now its work fine. ones again im tell for u thank u very much.
    byee..

  11. #11
    Join Date
    Nov 2009
    Location
    Sydney, Australia
    Posts
    5
    Hi, I'm a newbie so this will sound stupid but I was wondering if you could PLEASE post your final code bang_iti08 as I am a bit desperate with my PHP database login that is not working. Please save me from going round the twist because of this annoying code. Alternately you can help me fix my code, which is below.

    PHP Code:
    $con mysql_connect("mysql4.**********.com""**I have hidden this**""**I have hidden this**");
    if (!
    $con)
      {
      die(
    'Could not connect: ' mysql_error());
      }
    // Define username and password variables for returned post method
    $username $_POST["username"];
    $password $_POST["password"];


    if(
    $username != "" || $password != "")
    {

    $query mysql_query("SELECT username FROM members WHERE username = '" $username "' AND password = PASSWORD('" $password "')"$con);

    // Select database and log on
    mysql_select_db("a4413978_db"$con);

    $num mysql_num_rows($query);
    echo 
    $num;

    if(
    $num != 0)
    {
    $result mysql_result($query0);
    echo 
    $result
    }

    $row=mysql_fetch_array($result)
    //{
    //$user=$row['username']; 
    //$pass=$row['password'];
    //}


    //if($username == $user && $password ==$pass)
    //{
    //header("Location: index.php");
    //}
    //else if($password!= $pass ||$username != $user )
    //{
    //echo("Please Enter Correct Username and Password ...");
    //header("Location: test.php");
    //} 

  12. #12
    Join Date
    Nov 2009
    Location
    Sydney, Australia
    Posts
    5

    Question Btw

    BTW sorry my code is so messy. I usually clean up my code after I know it works.

  13. #13
    Join Date
    Feb 2003
    Location
    Derby, UK
    Posts
    456
    May not be the only thing but:

    PHP Code:
    $query mysql_query("SELECT username FROM members WHERE username = '" $username "' AND password = PASSWORD('" $password "')"$con);

    // Select database and log on
    mysql_select_db("a4413978_db"$con); 
    you should select your database before you run your query so these lines need to be the other way around. If you check your errors after queries with mysql_errno() then your code will at least tell you about things like this e.g. (untested and post-vino)

    PHP Code:
    // Select database and log on
    mysql_select_db("a4413978_db"$con);
    $query mysql_query("SELECT username FROM members WHERE username = '" $username "' AND password = PASSWORD('" $password "')"$con);
    if(
    mysql_errno()) {
        die(
    'query error: '.mysql_error());

    HTH

    Dai

  14. #14
    Join Date
    Nov 2009
    Location
    Sydney, Australia
    Posts
    5
    Thanks DaiWelsh!

  15. #15
    Join Date
    Aug 2009
    Location
    pakistan
    Posts
    3
    simply post ur user name and password to checklogin.php page
    then
    on checklogin.php page write this
    $c=mysql_connect("server","username","password");
    mysql_select_db("databasename",$c);
    extract($_REQUEST);

    $result=mysql_query("select * from table where userfeild='$user' and passwordfeild='$password'");

    if(mysql_num_rows($result))
    {

    header("location: userpage.php");
    }
    else
    {
    header("location: invalidpage.php");
    }

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles