Jump to content

Login Code not working correctly


shoopaie

Recommended Posts

I am attempting to retrieve information from the database to compare against information given in a login form. However, I know the information is in the database, and is correct. I also know I am typing it in correctly. Username and password are getting an "Invalid Login" response, when I know they are correct. From this snippet of code, is there anything wrong??? Thank you.

 

 

//validate the info given
$user = mysql_real_escape_string($_POST['username']);
$pass = mysql_real_escape_string($_POST['password']);

//check the database
$check_info = @mysql_query("SELECT * FROM 'clayton' WHERE 'username' = '$user'");
$user_info = @mysql_fetch_assoc($check_info);

if($user == $user_info['username'] && $pass == $user_info['password'])
{
	echo "Successful Login!";
}
else{
	echo "Invalid Login";
}

Link to comment
Share on other sites

I found the answer to the problem, though easily overlooked. The original script had a line in the mysql_query that looked like this:

 

$check_info = @mysql_query("SELECT * FROM `clayton` WHERE `username` = '$user'");

 

My code looked like this:

 

$check_info = @mysql_query("SELECT * FROM 'clayton' WHERE 'username' = '$user'");

 

Apparently there is a HUGE difference between an apostrophe and a grave accent (the little dude on the tilde key, under the ESC key) that surrounds the words "clayton" and "username" lol...who knew.

Link to comment
Share on other sites

Apparently there is a HUGE difference between an apostrophe and a grave accent (the little dude on the tilde key, under the ESC key) that surrounds the words "clayton" and "username" lol...who knew.

Yep, that could cause an issue. I didn't see that at first either. I believe that the single quotes indicate a string, so 'username' would mean the string "username" not the username field in the database.

 

Usually when dealing with issues like this, the first step is to echo out any variables and make sure they hold the values that they should. The second step would be to check the query, and make sure it is returning the results you expect (I tend to do this using PHPMyAdmin, since the error messages are sometimes a bit easier to decipher.)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...