<?php $host = "localhost"; $username = "root"; $password = "vladon12"; $db_name = "cdcol"; $tbl_name = "members"; mysql_connect($host, $username, $password) or die("can't connect"); mysql_select_db($db_name) or die(mysql_error()); $username = $_POST['username']; $password = $_POST['password']; $sql = "SELECT * FROM $tbl_name WHERE username='$username' and password='$password'"; $result = mysql_query($sql); $count = mysql_num_rows($result); if($count==1) { session_register("username"); session_register("password"); header("location:login_success.php"); } else{ echo "Неверный Логин или Пароль"; } ?>

Here's what's wrong here, it writes me "Invalid Login or Password" Even if the password and Login are correct, what should I do? Thank you in advance)

Closed due to the fact that off-topic participants D-side , cheops , aleksandr barakin , user194374, Streletz Jun 17 '16 at 6:57 .

It seems that this question does not correspond to the subject of the site. Those who voted to close it indicated the following reason:

  • “Questions asking for help with debugging (“ why does this code not work? ”) Should include the desired behavior, a specific problem or error, and a minimum code for playing it right in the question . Questions without an explicit description of the problem are useless for other visitors. See How to create minimal, self-sufficient and reproducible example . " - D-side, cheops, aleksandr barakin, Community Spirit, Streletz
If the question can be reformulated according to the rules set out in the certificate , edit it .

  • one
    after $count = mysql_num_rows($result); do die(var_dump($count, mysql_fetch_array($result), $username, $password, mysql_error())); what will lead out? - Sh4dow
  • Do you have exactly one such login / password entry in the table? How many mysql_num_rows returns? - Avalon
  • $sql = "SELECT * FROM $tbl_name WHERE username='$username' and password='$password'"; - never do that. And in general, do not do necrophilia with mysql_* (they are already deprecated) - take, finally, PDO. Or PEAR :: DB, at worst. - drdaeman

5 answers 5

In your code, two variables refer to the same name $ username

    maybe the password in md5 is stored in the database?

       .... if(mysql_result(mysql_query("SELECT count(*) FROM $tbl_name WHERE username='$username' and password='$password'" LIMIT 1),0)==1) { session_register("username"); session_register("password"); header("location:login_success.php"); } else { echo "Неверный Логин или Пароль"; } ....

        The code works fine. Option 2:

        1. something is not passed in $_POST['username'] or $_POST['password']
        2. or in the table "members" jamb. By the way, can I see it dump?

          Can not that connection? Point it hard.

          Maybe not $_POST ?

          Maybe in the login password there is a sign '

          Maybe you should cut the spaces, \r and \n at the login and password?

          And maybe the table name is incorrectly specified, or some wrong characters are getting out somewhere? Worth asking at the muscle itself about the error ?

           <? // ... error_reporting(E_ALL); $DB = mysql_connect($host, $username, $password) or die("can't connect"); mysql_select_db($db_name, $DB) or die(mysql_error()); $username = $_POST['username']; // точно не $_GET? $password = $_POST['password']; // точно не $_GET? $username = trim($username); $password = trim($password); $username = mysql_real_escape_string($username, $DB); $password = mysql_real_escape_string($password, $DB); var_dump($username, $password); $sql = "SELECT * FROM `" .$tbl_name. "` WHERE username='" .$username. "' and password='". $password. "'"; $result = mysql_query($sql, $DB); echo '<pre>'.$sql.'</pre><p>'.mysql_error($DB).'</p>'; // ... ?>