Click here to Skip to main content
15,867,851 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
hello. i can't log in my website. if i put password without md5, then can i successfully login. otherwise i can't log in. where is problem? can you help me?
login.php
PHP
   session_start();
            ob_start();
          $dbhost="host";
         $dbusername="dbusername";
         $dbpassword="dbpassword";
          $db_name="dbname";
            $tbl_name="sign_up";
           mysql_connect("$dbhost", "$dbusername", "$dbpassword")or die("cannot connect");
                 mysql_select_db("$db_name")or die("cannot select DB");
       $email=$_POST['email'];
       $password=$_POST['password'];
       $email = stripslashes($email);
       $password = stripslashes($password);
       $email = mysql_real_escape_string($email);
      $password = mysql_real_escape_string($password);
     $sql="SELECT * FROM $tbl_name WHERE email='$email' and password='$password'";
     $result=mysql_query($sql);
     $count===1){session_register("email");
      session_register("password");
  header("location:login_success.php");
 }
     else {
       echo "Wrong email or Password";
}
  ob_end_flush();
  ?>
Posted
Updated 22-May-14 4:06am
v3

1 solution

Your are doing it wrong. If your password is encrypted in the db then you will have to encrypt data before verification.

$sql="select * from tablename where username='".$username."' And password=md5('".$password."')";
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900