Forum

Posted: **12 Feb 2017, 20:00**

hello,
i have a problem with this code:

if(isset($_POST['submit_login']))
{
    $txt_login=  mysqli_real_escape_string($con,$_POST['txtlogin']);
    $txt_pass=  mysqli_real_escape_string($con,$_POST['txtpass']);
    if(empty($txt_login) || empty($txt_pass))
    {
        $err=true;
        $message="please enter information";
    }  else {
        $hashed_password=  hash('ripemd160', $txt_pass);
        
        $sql="SELECT user_ID FROM tbl_users WHERE user_login='$txt_login' AND user_password= '$hashed_password' AND status= 'sent' AND active= '1'";
        $result=mysqli_query($con,$sql);
        if(mysqli_num_rows($result)===1){
            $_SESSION['user_login']=$txt_login;
            redirect("myskils.php");
        }else
        {
            $err=true;
            $message="your name or your password in incorrect";
            echo $hashed_password;
        }
    }
}

when i run this code, it dont return any query, so users dont redirect("myskils.php")
it display this message "your name or your password in incorrect"!!!
thank you for your help

Posted: **13 Feb 2017, 08:14**

Hello,
Possible some data from $sql query is incorrect. Try this code and see if there is sql error:

Code: Select all

$sql="SELECT user_ID FROM tbl_users WHERE user_login='$txt_login' AND user_password='$hashed_password' AND status='sent' AND active='1'";
$result=mysqli_query($con,$sql);
if($result){
  if(mysqli_num_rows($result)>0){
    $_SESSION['user_login']=$txt_login;
    redirect("myskils.php");
  }
  else {
    $err=true;
    $message="your name or your password in incorrect";
    echo $hashed_password;
  }
}
else {
  echo 'Error: '. mysqli_error($con) .' in the sql, or some sql data is incorrect:<br>'. $sql;
}

Posted: **13 Feb 2017, 16:25**

hello,
Unfortunately, the same message is displayed again. "your name or your password is incorrect".
When I removed this code "user_password='$hashed_password'" it works correctly, but with this "user_password='$hashed_password'"
it does not work.
i used in register form and login form this code" $hashed_password= hash('ripemd160', $txt_pass); "
it was same for both forms.

Posted: **13 Feb 2017, 17:41**

Maybe the password is incorrect. You can check in phpmyadmin to see if the value of the $hashed_password is the same with data saved in the "user_password" column.

Posted: **13 Feb 2017, 18:02**

i checked, value of $hashed_password that saved in db and value of user password when user try enter password in form, with "echo $hashed_password;" in login.php
both of them are same.

it works correct in localhost by XAMPP but does not work in host!!!

Posted: **13 Feb 2017, 19:01**

Not know what the problem is, nor how I can help you.
Try put manually the password from mysql in the $sql query and see if it works. Something like this:

Code: Select all

$sql="SELECT user_ID FROM tbl_users WHERE user_login='$txt_login' AND user_password='pass_from_mysql' AND status='sent' AND active='1'";

Eventualy apply: echo $sql; and test the resulted string in phpmyadmin.
If it not works, the problem might be from the mysql table; if it works the problem might be something from the form to php.

Posted: **13 Feb 2017, 20:30**

thank you for your help.
i can find this problem!
it was a space line in user_password=' $hashed_password' in register code.
all of the passwords in db had a space line. I did not realize it.
thank you any way.

Forum

Select in mysql table with password from form not work

Select in mysql table with password from form not work

Select in mysql table with password from form not work

Select in mysql table with password from form not work

Select in mysql table with password from form not work

Select in mysql table with password from form not work

Select in mysql table with password from form not work

Select in mysql table with password from form not work