Click here to Skip to main content
14,766,249 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I have created a PHP & MySql login but its not working. Like if i put right or wrong username/password Its showing "Wrong Username or Password" everytime.

here is my coding.

Login.html form coding

<form id="form1" name="form1" method="post" action="login.php">
          <div class="form-group col-md-6">
              <label class="sr-only" for="exampleInputEmail1">User Name: *</label>
              <input required type="text" class="form-control" id="username" name="username" placeholder="User Name: *">
            </div>
<div class="form-group col-md-6">
              <label class="sr-only" for="exampleInputEmail1">Password: *</label>
              <input required type="password" class="form-control" id="password" name="password" placeholder="Password: *">
            </div>
            &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
            <input id="submit" type="submit" class="btn btn-lg btn-primary" value="Submit" style="width: 130px">
          Forgot Username or Password ?</form></div>


login.php page coding

<?php
session_start();

ob_start();

$conn = mysqli_connect("localhost","root","","hct_db");
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
 // Define $myusername and $mypassword
$username=$_POST['username'];
$password=$_POST['password'];


// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysqli_real_escape_string($conn, $username);
$password = mysqli_real_escape_string($conn, $password);
$sql="SELECT username, password FROM admin ORDER BY username";
$result=mysqli_query($conn,$sql);

// Mysql_num_row is counting table row
$count=mysqli_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("username");
session_register("password");
header("location:admin/index.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>



Please Help ME
Posted
Updated 26-Nov-20 7:00am
Comments
Nelek 11-Sep-14 4:53am
   
Have you checked if the place where you are saving the user/pass to be searched on login is right?

Please check this

<?php
session_start();
 
ob_start();
 
$conn = mysqli_connect("localhost","root","","hct_db");
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
 // Define $myusername and $mypassword
$username=$_POST['username'];
$password=$_POST['password'];
 

// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysqli_real_escape_string($conn, $username);
$password = mysqli_real_escape_string($conn, $password);
$sql="SELECT username, password FROM admin where username='".$username."' and password='".$password."'";
$result=mysqli_query($conn,$sql);
 
// Mysql_num_row is counting table row
$count=mysqli_num_rows($result);
 
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
 
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("username");
session_register("password");
header("location:admin/index.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
   
v2
Comments
Member 10551326 11-Sep-14 5:11am
   
Hello Sir, I am getting this error now Fatal error: Call to undefined function session_register()
ChauhanAjay 11-Sep-14 5:15am
   
change that line to
$_SESSION['username'] = $username;
and same goes for password tooo.
Member 10551326 11-Sep-14 5:21am
   
wow its working fine <3 thankq sir :) thanks a lot..!!
<?php

	$username=$_POST['username'];
	$password=$_POST['password'];

	
	include 'connection.php';

	$sql="SELECT * FROM user WHERE username='$username' AND password='$password'";

	$query=mysqli_query($con,$sql);

	$count=mysqli_num_rows($query);


	if ($count==0)
	 {
		echo "Sorry Username or Password Wrong or BLocked";
	}
   
v2
Comments
Dave Kreskowiak 26-Nov-20 12:34pm
   
Saving passwords in clear text in the database is a horrible solution.
Richard Deeming 27-Nov-20 8:09am
   
Especially when combined with the SQL Injection vulnerability.
CHill60 27-Nov-20 3:53am
   
Absolutely the wrong way to go about this (as is the accepted solution). For a better way of handling passwords see Password Storage: How to do it.[^]

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900