What am I doing wrong?

@wietsedAug 23.2006

Hello,

I think I’m going to need a little bit of help.
I don’t exactly know where to post this, because it has a little bit of PHP, MySQL and JS.

The PHP script is this:

[code=php] <?php mysql_connect(“localhost”, “username”, “password”) or die(mysql_error()); mysql_select_db(“users”) or die(mysql_error());

$result = mysql_query(“SELECT * FROM users”) or die(mysql_error());

$row = mysql_fetch_array( $result );

$username=$row[‘user’]; $password=$row[‘pass’];

echo “<html>”; echo “<head>”; echo “<SCRIPT LANGUAGE=”JavaScript” src=”login.js”>”; echo “</SCRIPT>”; echo “</head>”; echo “<body>”; echo “<center>”;

echo “<table border=”1″ width=”400″>”; echo “<tr align=”left”>”; echo “<td width=”200″>Username:</td>”; echo “<td width=”200″>”; echo “<input type=”text” name=”user” size=”35″>”; echo “</td>”; echo “</tr>”; echo “<tr align=”left”>”; echo “<td width=”200″>Password:</td>”; echo “<td width=”200″>”; echo “<input type=”text” name=”passw” size=”35″>”; echo “</td>”; echo “</tr>”; echo “</table>”; echo “<p />”; echo “<form name=”login”>”; echo “<input type=”submit” value=”Login!” onClick=”Login()”>”; echo “</center>”; echo “</form>”; echo “</body>”; echo “</html>”; ?> [/code]

Besides storing the username and password from the database in a variable,
this script echoes the html page which includes a submit bottom
The submit bottom calls a function stores in the “login.js” file.

Here is that JS script:

[CODE] function Login(){ var done=0; var user=document.login.user.value; var passw=document.login.passw.value;

if (user==$username && passw==$password) {window.open(‘main.html’); done=1;}

if (done==0) { alert(“Invalid login!”); } }

[/CODE]

This script compares the username & password typed in the boxes, with the variables from the database (user==$username && passw==$password).

Unfortunately, it just doesn’t seem to work.
When I echo the variables $username and $password I do get the correct info, so that works.
What doesn’t work is compare these with the values from the input fields on the page.

Well, quite a story, and I hope you inderstand what I’m trying to explain.

Any help is very much appreciated ?

to post a comment

PHP

8 Comments(s) _↴

@wietsedauthorAug 24.2006 — #nobody???

@LiLcRaZyFuZzYAug 24.2006 — #why using javascript?

@wietsedauthorAug 24.2006 — #why using javascript?[/QUOTE]

OK, if you have a more simple solution, I'd be glad to hear it ?

@LiLcRaZyFuZzYAug 24.2006 — #something like that

[code=php]
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
 <html>
 <head>
 <title></title>
 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
 <style type="text/css">
 fieldset{
 border: 0;
 }
 
   ul.ul_form{
   list-style-type: none;
   }
   </style>
  </head>
  <body>
   <?php
   if(isset($_POST['user']) && isset($_POST['passw'])){
   $user = $_POST['user'];
   $passw = $_POST['passw'];
 
   # mysql connection
   $connection = mysql_connect("localhost", "username", "password") or die(mysql_error());
   mysql_select_db("users") or die(mysql_error()); 
 
   $query = "SELECT * FROM users WHERE user='$user' AND pass='$passw' LIMIT 1";
   # WARNING: I strongly recommend that you don't save your password in text, but only save the hash (see md5)
 
   $result = mysql_query($query);
 
   if(!$result){
   die("Login failed. Try again.");
   }else{
   $row = mysql_fetch_array($result, MYSQL_ASSOC);
   }
   }else{
   ?>
   <fieldset>
   <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
   <ul class="ul_form">
   <li>Username:</li>
   <li><input type="text" name="user" class="text_field"></li>
   <li>Password:</li>
   <li><input type="password" name="passw" class="text_field"></li>
   <li><input type="submit" value="log in"></li>
   </ul>
   </form>
   </fieldset>
   <?php
   }
   ?>
  </body>
 </html>
 [/code]

@netbuddyAug 24.2006 — #Change either this: $_passw = $_POST['passw']; to this: $passw = $_POST['passw'];

OR!!!

Change this: $query = "SELECT * FROM users WHERE user='$user' AND pass='$passw' LIMIT 1"; to this: $query = "SELECT * FROM users WHERE user='$user' AND pass='$_passw' LIMIT 1";

Whichever way you want to playit.

@LiLcRaZyFuZzYAug 24.2006 — #Change either this: $_passw = $_POST['passw']; to this: $passw = $_POST['passw'];

OR!!!

Change this: $query = "SELECT * FROM users WHERE user='$user' AND pass='$passw' LIMIT 1"; to this: $query = "SELECT * FROM users WHERE user='$user' AND pass='$_passw' LIMIT 1";

Whichever way you want to playit.[/QUOTE]
intentional typo ?

@wietsedauthorAug 25.2006 — #I got it working!

Thank you very much!!!

@LiLcRaZyFuZzYAug 25.2006 — #?

Also in #PHP _↴

Local PHP Advice Please Start Batch file and exe files from php and html Problem with inserting new rows into mysql

Success!

Help @wietsed spread the word by sharing this article on Twitter...

Tweet This

What am I doing wrong?

8 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

What am I doing wrong?

8 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

8 Comments(s) _↴

Also in #PHP _↴