shoopaie Posted February 22, 2011 Report Share Posted February 22, 2011 I am attempting to retrieve information from the database to compare against information given in a login form. However, I know the information is in the database, and is correct. I also know I am typing it in correctly. Username and password are getting an "Invalid Login" response, when I know they are correct. From this snippet of code, is there anything wrong??? Thank you. //validate the info given $user = mysql_real_escape_string($_POST['username']); $pass = mysql_real_escape_string($_POST['password']); //check the database $check_info = @mysql_query("SELECT * FROM 'clayton' WHERE 'username' = '$user'"); $user_info = @mysql_fetch_assoc($check_info); if($user == $user_info['username'] && $pass == $user_info['password']) { echo "Successful Login!"; } else{ echo "Invalid Login"; } Quote Link to comment Share on other sites More sharing options...
falkencreative Posted February 22, 2011 Report Share Posted February 22, 2011 The first thing I would do here is echo out the four different variables you are using. Make sure they all hold the expected values. Quote Link to comment Share on other sites More sharing options...
shoopaie Posted February 22, 2011 Author Report Share Posted February 22, 2011 Very nice Idea. Variable $user, and $pass echo out correctly. Variable $check_info, and $user_info echo out nothing. Is that correct? Also, something interesting is that when i enter no username or password, it says login successful. Quote Link to comment Share on other sites More sharing options...
shoopaie Posted February 22, 2011 Author Report Share Posted February 22, 2011 I found the answer to the problem, though easily overlooked. The original script had a line in the mysql_query that looked like this: $check_info = @mysql_query("SELECT * FROM `clayton` WHERE `username` = '$user'"); My code looked like this: $check_info = @mysql_query("SELECT * FROM 'clayton' WHERE 'username' = '$user'"); Apparently there is a HUGE difference between an apostrophe and a grave accent (the little dude on the tilde key, under the ESC key) that surrounds the words "clayton" and "username" lol...who knew. Quote Link to comment Share on other sites More sharing options...
falkencreative Posted February 22, 2011 Report Share Posted February 22, 2011 Apparently there is a HUGE difference between an apostrophe and a grave accent (the little dude on the tilde key, under the ESC key) that surrounds the words "clayton" and "username" lol...who knew. Yep, that could cause an issue. I didn't see that at first either. I believe that the single quotes indicate a string, so 'username' would mean the string "username" not the username field in the database. Usually when dealing with issues like this, the first step is to echo out any variables and make sure they hold the values that they should. The second step would be to check the query, and make sure it is returning the results you expect (I tend to do this using PHPMyAdmin, since the error messages are sometimes a bit easier to decipher.) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.