Login ... - Printable Version

Login ... - Printable Version

+- LCKB (https://lckb.dev/forum)
+-- Forum: ** OLD LCKB DATABASE ** (https://lckb.dev/forum/forumdisplay.php?fid=109)
+--- Forum: Website Scripting & Security (https://lckb.dev/forum/forumdisplay.php?fid=197)
+---- Forum: Webmasters Help & Talk (https://lckb.dev/forum/forumdisplay.php?fid=142)
+----- Forum: Help & Requests (https://lckb.dev/forum/forumdisplay.php?fid=116)
+----- Thread: Login ... (/showthread.php?tid=2090)

- SmoGG - 08-01-2013

Damn I need help :/

I wanna learn PHP and i will start with a really simple login script.

So I searched on Google "php login script with mysql" and i found 2

(I have look other scripts from MaX and Blackfire, Sentence but its to high for me)

I only need login & login and thats what i have now:

Login //HTML\\

<form method="post" action="login.php">
<input type="hidden" name="submit" />
<input type="text" value="" name="user" id="login" placeholder="Username"/>
<input type="password" value="" name="passwd" id="pass" placeholder="Password"/>
<div id="space"></div>
<div id="loginbtn"><input name="image" type="image" value="Log In" src="images/login.jpg"></div>
</form>

Login //PHP\\

<?php
session_start();
?>

<?php
$verbindung = mysql_connect("localhost", "root" , "")
or die("Verbindung zur Datenbank konnte nicht hergestellt werden");
mysql_select_db("auth") or die ("Datenbank konnte nicht ausgewÃƒÂ¤hlt werden");

$username = $_POST["user"];
$passwort = md5($_POST["passwd"]);

$abfrage = "SELECT user_id, passwd FROM bg_user WHERE user_id LIKE $username LIMIT 1";
$ergebnis = mysql_query($abfrage);
$row = mysql_fetch_object($ergebnis);

if($row->passwd == $passwort)
{
$_SESSION["user_id"] = $username;
echo "Login erfolgreich. <br> <a href=\"index.php\">GeschÃƒÂ¼tzer Bereich</a>";
}
else
{
echo "Benutzername und/oder Passwort waren falsch. <a href=\"index.php\">Login</a>";
}

?>

But I get every time "username or password are wrong" but why ?! >.<
(sorry but I dont know much about this so please dont laugh or tell me noob
& dont come with "the script isnt safe" .. its my first try)

- AdiH97 - 08-01-2013

Here you have

<?php
session_start();

$verbindung = mysql_connect("localhost", "root" , "mysqlroot")
or die("Verbindung zur Datenbank konnte nicht hergestellt werden");
mysql_select_db("auth") or die ("Datenbank konnte nicht ausgewÃƒÂ¤hlt werden");

$username = $_POST["user"];
$passwort = md5($_POST["passwd"]);

$abfrage = "SELECT user_id,passwd FROM bg_user WHERE user_id = $username";
$ergebnis = mysql_query($abfrage);
$row = mysql_fetch_array($ergebnis);
$user_id = $row[user_id];
$passwd = $row[passwd];

if($username = $user_id AND $passwort = $passwd)
{
$_SESSION["user_id"] = $username;
echo "Login erfolgreich. <br> <a href=\"index.php\">GeschÃƒÂ¼tzer Bereich</a>";
}
else
{
echo "Benutzername und/oder Passwort waren falsch. <a href=\"index.php\">Login</a>";
}
?>

Tested by me.

- SmoGG - 08-01-2013

Thanks (: