www.webdeveloper.com
Results 1 to 3 of 3

Thread: help me with signup and login script

  1. #1
    Join Date
    Jun 2013
    Posts
    33

    help me with signup and login script

    this is my sign up script...
    PHP Code:
    <?php

    $fname 
    $_POST['fname'];
    $lname $_POST['lname'];
    $gender $_POST['gender'];
    $email $_POST['email'];
    $password1 $_POST['pass1'];
    $password2 $_POST['pass2'];
     
    if(
    $password1 != $password2)
        
    header('Location: signup.html');

    $passwordHash sha1($_POST['pass1']);
      
     
    $mysqli = new mysqli('localhost''root''dhiraj''test'); //we change the mysqli_connect to "new mysqli"
     
     
    $query "INSERT INTO users ( u_fname, u_lname, gender,u_email, u_pass) VALUES 
            ( '
    $fname', '$lname', '$gender' , '$email', '$passwordHash' )";
     
    //remove $conn variable in order to connect to our database using OOP.
    $mysqli->query($query);
     
    $mysqli->close();
     
    header('Location: index.html');
    ?>
    and this is login script

    PHP Code:
    <?php
    $email 
    $_POST['log_email'];
    $passwordHash sha1($_POST['log_pass']);
     
    $conn mysqli_connect('localhost''root''dhiraj''test');
     

    $query "SELECT u_fname
            FROM users
            WHERE u_email = '
    $email' AND u_pass='$passwordHash';";
     
    $result mysqli_query($conn$query);
     
    if(
    mysqli_num_rows($result) < 1
    {
       echo 
    'Sorry, your username or password was incorrect!';
     
    // this echo statement gets executed. what is the problem?
    }
     

    else
    {
        
    /* Log user in */
        
    echo "Welcome back $_POST['log_email'] ";
    }
    ?>
    So everything works ...has is calculated on password...database gets updated bu the problem is after login
    the echo statement gets executed ..means no result generated from the query in the login script.
    pls help me.

    would love if provide any script. Thanks
    Last edited by NogDog; 08-22-2013 at 12:36 PM. Reason: added [php] tags

  2. #2
    Join Date
    Jul 2013
    Location
    Voorheesville NY USA
    Posts
    519
    If you had written proper code that checked for errors you would have seen an sql error in your query. You have an extra semi in your query.

  3. #3
    Join Date
    Mar 2007
    Location
    localhost
    Posts
    2,154
    Your script security is very poor, your script is open to attack.

    You need to check if the script the $_POST['submit'] is present when executed and also have a function to sanitize the inputs in to an array.

    You will find plenty of examples already posted on this site.
    Yes, I know I'm about as subtle as being hit by a bus..(\\.\ Aug08)
    Yep... I say it like I see it, even if it is like a baseball bat in the nutz... (\\.\ Aug08)
    I want to leave this world the same way I came into it, Screaming, Incontinent & No memory!
    I laughed that hard I burst my colostomy bag... (\\.\ May03)
    Life for some is like a car accident... Mine is like a motorway pile up...

    Problems with Vista? :: Getting Cryptic wid it. :: The 'C' word! :: Whois?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles