Login troubles

Beginners - Learning PHP
#1

ok so I made a login for my website but sadly people can use the same username over and over and it messes up my mysql data base. I don’t know what to add to my php code for it to stop :confused:

[code]<?php

$username = $_POST[‘username’];
$password = $_POST[‘password’];

if ($username&&$password)
{

$connect = mysql_connect(“localhost”,“bagobone_Peter”,“boomerdog222”) or die (“Couldn’t connect!”);
mysql_select_db(“bagobone_phplogin”) or die (“couldn’t find database!”);
$query = mysql_query(“SELECT * FROM users WHERE username= ‘$username’”);

$numrows = mysql_num_rows($query);
if ($numrows!=0)
{

while ($row = mysql_fetch_assoc($query))
{
        $dbusername = $row['username'];
		$dbpassword = $row['password'];
		$activated = $row['activated'];
		
		if ($activated=='0')
		{
			die("Your account is not yet active. Please check your E-mail.");
			exit();
		}
}

if ($username==$dbusername&&md5($password)==$dbpassword)
{
	echo "Welcome to The Dream Flow. Click <a href='home.php'>here</a>.";
	$_SESSION['username']=$dbusername;
}
else
	echo "Incorrect Password!";

}
else
die(“That user doesn’t exist!”);
}
else
die (“Please enter a username and password”);

?>

Username:
Password:

Register?

[/code]
#2

Sounds like you are providing the incorrect form here. You need to validate the register form to stop people using the same username, not the login one.

#3

Hi there,

You can do a simple username validation by querying the MySQL server with the username you receive from the user:

[php]

<?php $db = new mysqli('HOSTNAME', 'USERNAME', 'PASSWORD', 'DATABASE'); $user = $_POST['username']; $result = $db->query("SELECT * FROM users WHERE user='$user'"); if($result->num_rows > 0) { $error = "The username $user is already in use. Please try again."; } ?>[/php]

This script will allow you to verify that no other user has the same username in your database.

Hope this helps.

Sponsor our Newsletter | Privacy Policy | Terms of Service