0

I know this question have been asked before and I've searched it but couldn't get to solve my problem. whenever I run this code, I get "invalid login" message. username and password is saved in mysql database. Below is my code.

<?php
    $dbhost = "localhost";
    $dbuser = "root";
    $dbpass = "";
    $db = "mydb";

    $dbconnect= mysqli_connect($dbhost, $dbuser, $dbpass, $db);
    mysqli_select_db($dbconnect,$db) or die("could not connect to database");


    if (isset($_POST['username']) && isset($_POST['password'])){
        $username = $_POST['username'];
        $password = $_POST['password'];
        $username = stripslashes($username);
        $password = stripslashes($password);

        $query = "SELECT * from users WHERE username = '$username' AND password = '$password' LIMIT 1";
        $result = mysqli_query($query);

        $count = mysqli_num_rows($result);

        if($count==1){
            echo "Login successufull!!!";
            exit();
        }else{
            echo "Invalid login";
            exit();
        }       
    }
?>

<!Doctype html>
<html>
<head>
    <link href='style.css' type='text/css' rel='stylesheet'>
</head>
<body>
    <form action = 'main.php' method="post" enctype='multipart/data-form'>
        <h1>User login information</h1>
        <p>Username:<input type= 'text' name='username'></p>
        <p>Password:<input type = 'password' name = 'password'></p>
        <p><input type = 'submit' name = 'submit' value='Submit'></p>

    </form>
</body>
</html>
Improve this question
10
  • look at this line very carefully $result = mysqli_query($query); - what's missing? deviated from your other question's method stackoverflow.com/q/33593455 Commented Nov 18, 2015 at 3:31
  • 4
    @ChristianVarga don't you think this line stop programming a pick up another career kinda harsh ? we don't know that which purpose he is using this. You can suggest something but thats not mean the harsh way Commented Nov 18, 2015 at 3:35
  • this doesn't help you echo "Invalid login"; get the real error. Commented Nov 18, 2015 at 3:36
  • 1
    @Fred thanx for your suggestion and I appreciate you not providing me direct answer and forced me to look myself in problem. Commented Nov 18, 2015 at 4:07
  • 2
    @christianVarge . Perhaps it's a project for his personal use and he's experimenting with code. It doesn't mean he plans to deploy this into a production environment. Yes it's not secure we get it, your comment was unwarranted and un constructive Commented Nov 18, 2015 at 4:11

1 Answer 1

Reset to default
1

Try this and see if it works. I used this as a test with my private server. It works fine. If this doesn't work for you then echo out $username and $password to see what they contain then see if they match your database.

<?php
    $dbhost = "localhost";
    $dbuser = "root";
    $dbpass = "";
    $db = "mydb";

    $dbconnect= mysqli_connect($dbhost, $dbuser, $dbpass, $db);
    mysqli_select_db($dbconnect,$db) or die("could not connect to database");


    if (isset($_POST['username']) && isset($_POST['password'])){
        $username = $_POST['username'];
        $password = $_POST['password'];
        $username = stripslashes($username);
        $password = stripslashes($password);

        $query = "SELECT * from users WHERE username = '$username' AND password = '$password'";
        $result = mysqli_query($dbconnect, $query);

        $count = mysqli_num_rows($dbconnect, $result);

        if($count == 1){
            echo "Login successufull!!!";
            exit();
        }else{
            echo "Invalid login";
            exit();
        }       
    }
?>

HTML:

<!Doctype html>
<html>
    <head>
        <link href='style.css' type='text/css' rel='stylesheet'>
    </head>
    <body>
        <form action = 'main.php' method="post" enctype='multipart/data-form'>
            <h1>User login information</h1>
            <p>Username:<input type= 'text' name='username'></p>
            <p>Password:<input type = 'password' name = 'password'></p>
            <p><input type = 'submit' name = 'submit' value='Submit'></p>

        </form>
    </body>
</html>
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

maybe i am missing something but how does mysqli_query even work without the connection object. to my understanding it is either $dbconnect->query($query) or mysqli_query($dbconnect,$query)
@Memor-X code was not working, i was getting same error and i echoed the username and password and it was retrieving correct user info. Now i've figured out what was the problem and code is working fine now. thanx for taking time and replying.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.