LCKB ** OLD LCKB DATABASE ** Website Scripting & Security Webmasters Help & Talk Help & Requests v
Login ...

Threaded Mode
Login ...
SmoGG
Unregistered
 
#1
08-01-2013, 04:42 PM

Damn I need help :/

 

I wanna learn PHP and i will start with a really simple login script.

So I searched on Google "php login script with mysql" and i found 2

(I have look other scripts from MaX and Blackfire, Sentence but its to high for me)

 

I only need login & login and thats what i have now:

 

Login //HTML\\

<form method="post" action="login.php">
<input type="hidden" name="submit" />
<input type="text" value="" name="user" id="login" placeholder="Username"/>
<input type="password" value="" name="passwd" id="pass" placeholder="Password"/>
<div id="space"></div>
<div id="loginbtn"><input name="image" type="image" value="Log In" src="images/login.jpg"></div>
</form>

Login //PHP\\

<?php
session_start();
?>

<?php
$verbindung = mysql_connect("localhost", "root" , "")
or die("Verbindung zur Datenbank konnte nicht hergestellt werden");
mysql_select_db("auth") or die ("Datenbank konnte nicht ausgewählt werden");

$username = $_POST["user"];
$passwort = md5($_POST["passwd"]);

$abfrage = "SELECT user_id, passwd FROM bg_user WHERE user_id LIKE $username LIMIT 1";
$ergebnis = mysql_query($abfrage);
$row = mysql_fetch_object($ergebnis);

if($row->passwd == $passwort)
{
$_SESSION["user_id"] = $username;
echo "Login erfolgreich. <br> <a href=\"index.php\">Geschützer Bereich</a>";
}
else
{
echo "Benutzername und/oder Passwort waren falsch. <a href=\"index.php\">Login</a>";
}

?>

But I get every time "username or password are wrong" but why ?! >.<
(sorry but I dont know much about this so please dont laugh or tell me noob
& dont come with "the script isnt safe" .. its my first try)

AdiH97 Offline
Junior Member
**
Posts: 31
Threads: 1
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Sep 2011
Reputation: 0
#2
08-01-2013, 09:44 PM

Here you have

<?php
session_start();

$verbindung = mysql_connect("localhost", "root" , "mysqlroot")
or die("Verbindung zur Datenbank konnte nicht hergestellt werden");
mysql_select_db("auth") or die ("Datenbank konnte nicht ausgewählt werden");

$username = $_POST["user"];
$passwort = md5($_POST["passwd"]);

$abfrage = "SELECT user_id,passwd FROM bg_user WHERE user_id = $username";
$ergebnis = mysql_query($abfrage);
$row = mysql_fetch_array($ergebnis);
$user_id = $row[user_id];
$passwd = $row[passwd];


if($username = $user_id AND $passwort = $passwd)
{
$_SESSION["user_id"] = $username;
echo "Login erfolgreich. <br> <a href=\"index.php\">Geschützer Bereich</a>";
}
else
{
echo "Benutzername und/oder Passwort waren falsch. <a href=\"index.php\">Login</a>";
}
?>

Tested by me.

Find
SmoGG
Unregistered
 
#3
08-01-2013, 10:57 PM
Thanks (:


Forum Jump:


Users browsing this thread: 1 Guest(s)