Hi all,

I went through a tutorial on how to connect to the MySQL db using PHP, and I have made a login.php page, but it keeps saying 'wrong username/password' any ideas? I thought the obvious thing would be that I didin't change fields that were relative to MY database, but I think I have. Maybe there is a coding error one of you can see?


<?php
// we must never forget to start the session
session_start();

$errorMessage = '';
if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
include 'library/configure.php';
include 'library/open.php';

$userId = $_POST['txtUserId'];
$password = $_POST['txtPassword'];

// check if the user id and password combination exist in database
$sql = "SELECT username
FROM tbladmin
WHERE username = '$userId' AND password = PASSWORD('$password')";

$result = mysql_query($sql) or die('Query failed. ' . mysql_error());

if (mysql_num_rows($result) == 1) {
// the user id and password match,
// set the session
$_SESSION['db_is_logged_in'] = true;

// after login we move to the main page
header('Location: main.php');
exit;
} else {
$errorMessage = 'Sorry, wrong user id / password';
}

include 'library/closedb.php';
}
?>
<html>
<head>
<title>Basic Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>
<form action="" method="post" name="frmLogin" id="frmLogin">
<table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="150">User Id</td>
<td><input name="txtUserId" type="text" id="txtUserId"></td>
</tr>
<tr>
<td width="150">Password</td>
<td><input name="txtPassword" type="password" id="txtPassword"></td>
</tr>
<tr>
<td width="150">&nbsp;</td>
<td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>

Try to echo the variables to see if they are even getting set. If so, try running the query in a command line tool (or phpmyadmin) to see if you get any results. If not, then you know there is either something in the query or the data is not entered correctly in the database.

Hope this helps.

Sorry I am very new to this... How do I echo it? I do have phpmyadmin if that's easier to work with, and I can see the db in there as we speak...

To echo, try the following:



<?php
// we must never forget to start the session
session_start();

$errorMessage = '';
if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
include 'library/configure.php';
include 'library/open.php';

$userId = $_POST['txtUserId'];
$password = $_POST['txtPassword'];


echo 'Username: '.$userId.'<BR> Password: '.$password;

}
?>
<html>
<head>
<title>Basic Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>
<form action="" method="post" name="frmLogin" id="frmLogin">
<table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="150">User Id</td>
<td><input name="txtUserId" type="text" id="txtUserId"></td>
</tr>
<tr>
<td width="150">Password</td>
<td><input name="txtPassword" type="password" id="txtPassword"></td>
</tr>
<tr>
<td width="150">&nbsp;</td>
<td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>


If the variables are being assigned properly (in other words, if you get the information you entered in the form returned back to you the exact same), then try typing in the query in phpmyadmin's SQL code execution thingy (can't remember actual name):



SELECT username FROM tbladmin WHERE username = '$userId' AND password = PASSWORD('$password')


Where userId is the username that was entered, and the password is the password that was entered.

Hope this helps.

Before I do that I thought I would take a look at the table. Ok it's called tbladmin and then the fields are username and password... I couldn't see in that above code where it will look for tbleadmin?

Read my edit (the part in italics). After you have done this; and it still doesn't work, post it here as it my be something else in the code. I am about to get off of work in about half an hour and won't be back online till tomorrow afternoon sometime.

In the meantime, hope this helps.

Ok well I did the query in PHPMyAdmin, and it just said MySQL returned a zero result...

Then something is not right in the database (or the query). Check the database and make sure that there is a username and password field that contains the user information you are trying to process. After that, you may want to try something like this (for the query):



SELECT * FROM tbladmin WHERE username = '$userId' AND password = PASSWORD('$password')


Where userId is the username that was entered, and the password is the password that was entered.

If that produces a zero record result, then try this:



SELECT * FROM tbladmin WHERE username = '$userId'


If that doesn't show anything, then it is the data in the table that is either not there, or misspelled (or something along those lines).

Hope this helps.

I don't get it they both returned a zero result, but I can see them in the table as I speak... So confusing!