I'm getting an error whenever I try to pass a password from a form. I ran the password field queries below and get the following output. My varchar length for the password column is set for 255. With the first query, I'm returned the password unencrypted, with the second it's returned encrypted...I've tried entering the password both plain text and encrypted in my form and still no joy. Any suggestions? Thanks from the obvious newbie!
SELECT password FROM login
where loginName = 'tfreeman' =password bux
SELECT password( 'tfreeman' ) =password('tfreeman')
0efd8d9c2edcd25c
Error = "The Login Name, 'tfreeman' exists, Please try password again."
--------------------------------------------------
<?php
/* Program: Login.php
Desc: Login progam to provide access to the TT app. for existing users.
*/
session_start();
session_register('auth');
session_register('logname');
include("connect.inc"
;
switch (@$do)
{
case "login":
$connection = mysql_connect($host, $user,$password)
or die ("Couldn't connect to server."
$db = mysql_select_db($database, $connection)
or die ("Couldn't select database."
$sql = "SELECT loginName FROM login
WHERE loginName = '$fusername'";
$result = mysql_query($sql) or die ("Couldn't execute query."
$num = mysql_num_rows($result);
if ($num == 1) // login name was found
{
$sql = "SELECT loginName FROM login
WHERE loginName = '$fusername'
AND password=password('$fpassword')";
$result2 = mysql_query($sql)
or die("Couldn't execute query."
$num2 = mysql_num_rows($result2);
if ($num2 > 0) // password is correct
{
$auth="yes";
$logname=$fusername;
$today = date("y-m-d h:m:s"
$sql = "INSERT INTO user_logins (loginName,loginTime)
VALUES ('$logname','$today')";
mysql_query($sql) or die ("Can't execute query."
header("Location: tt.php"
}
else // password is not correct
{
unset($do);
$message="Please try password again.<br>";
include("login_form.inc"
}
}
elseif ($num == 0) // login name not found
{
unset ($do);
$message = "The Login Name, '$fusername' exists, Please try password again<br>";
include ("login_form.inc"
}
break;
default;
include ("login_form.inc"
}
?>
SELECT password FROM login
where loginName = 'tfreeman' =password bux
SELECT password( 'tfreeman' ) =password('tfreeman')
0efd8d9c2edcd25c
Error = "The Login Name, 'tfreeman' exists, Please try password again."
--------------------------------------------------
<?php
/* Program: Login.php
Desc: Login progam to provide access to the TT app. for existing users.
*/
session_start();
session_register('auth');
session_register('logname');
include("connect.inc"
;switch (@$do)
{
case "login":
$connection = mysql_connect($host, $user,$password)
or die ("Couldn't connect to server."
;$db = mysql_select_db($database, $connection)
or die ("Couldn't select database."
;$sql = "SELECT loginName FROM login
WHERE loginName = '$fusername'";
$result = mysql_query($sql) or die ("Couldn't execute query."
;$num = mysql_num_rows($result);
if ($num == 1) // login name was found
{
$sql = "SELECT loginName FROM login
WHERE loginName = '$fusername'
AND password=password('$fpassword')";
$result2 = mysql_query($sql)
or die("Couldn't execute query."
;$num2 = mysql_num_rows($result2);
if ($num2 > 0) // password is correct
{
$auth="yes";
$logname=$fusername;
$today = date("y-m-d h:m:s"
;$sql = "INSERT INTO user_logins (loginName,loginTime)
VALUES ('$logname','$today')";
mysql_query($sql) or die ("Can't execute query."
;header("Location: tt.php"
;}
else // password is not correct
{
unset($do);
$message="Please try password again.<br>";
include("login_form.inc"
;}
}
elseif ($num == 0) // login name not found
{
unset ($do);
$message = "The Login Name, '$fusername' exists, Please try password again<br>";
include ("login_form.inc"
;}
break;
default;
include ("login_form.inc"
;}
?>
