I got a simple error in my code... just can't pin point it.

[ManiacalV]

The salt changes every time you refresh. If you crypt your password before you enter it into the DB (as a varchar, not password)  and use the

Code: [Select]

if(crypt($entered_password, $DB_password) == $DB_password)) {it will use the same salt and should work.

Even easier is md5()

When you insert the password into the DB, enter it as md5($password)

Then when you check, just do a

Code: [Select]

if(md5($entered_password) == $DB_password)) {

and you don't have to worry about salt or anything. md5 is the same every time. I've hashed a 200 character string, and changed case on one character and md5 will still come up with a completely different hash.

It's easy to use, and if you don't plan on unencrypting it, works well for what you're doing. (IMHO)

[kerek]

Great man, it works nicely. I added a couple of if's and such to test a couple of different inputs that the user could do.
Yet, I am missing one and I'm not sure exactly how I would go about doing it.
Say, the user inputs the username Brian and that doesn't exist in the database, right now it just refreshs itself and does nothing (because I havent told it to do anything) but I want my script to check and if the username is not in existance (right now I only have 1 in my DB) that it will refresh itself and display a message, similar to if the password is wrong.

I believe that is the last thing I need to cover for my script to be pretty solid.
Check it out. Pretty much complete:
http://http://www.joystickadventures.com/logintest/login.php
username: matt
password: 123

So, I just need to check the DB to see if the username is there, if its not then display an error message. I'm sure it's easy and I'm just overlooking how to do it.
Thanks man.

Tell me any other suggestions you may have from the link which has my script in working order.

EDIT: oh yeah, how does one display my viewposts.php page in oldest last fashion. I think it is DESC or something but I can't remember.

[ManiacalV]

Code: [Select]

<?
include("inc/connect_db.inc.php");
if ($submit == "Login"){
   $query="SELECT * FROM users WHERE username='$username'";
   $mysql_stuff = mysql_query($query);
   if(mysql_num_rows($mysql_stuff) < 1) {
      // do stuff for new user
      echo "New user, please resgister or whatnot<br>";
      die();
    }



[kerek]

Hrm. Sorry if I was unclear.

What I need is something more along the lines of if someone logins with the username Brian, and there is no Brian in the database, then it will prompt the error.

Like user not found, or something....

Sorry for the confusion

[ManiacalV]

The text was an example, you can put anything you want there.

[kontir]

Since u get the error and php has got the new versions u have to use @mysql_fetch_array. So u have to put a @ in front mysql. It is required on the php version.

[Tarential]

Since u get the error and php has got the new versions u have to use @mysql_fetch_array. So u have to put a @ in front mysql. It is required on the php version.

Don't give advice if you don't know what you are talking about. Stupid people might actually believe you. The "@" is used for error suppression.