if i register with user name and password like this:
John
123456
when i log in, if i do john, it doesn't let me log in and it says "wrong password", although its wrong username.
can you please help me?
i have a problem with case sensitive, login page.
-
PaxBritannia
- Posts: 680
- Joined: Sun Apr 18, 2010 1:54 pm
Re: i have a problem with case sensitive, login page.
Could you post the script that handles the logins? (reguser.php if you followed the tutes)
Pax.
Pax.
-
Jackolantern
- Posts: 10891
- Joined: Wed Jul 01, 2009 11:00 pm
Re: i have a problem with case sensitive, login page.
Yep, sounds like a logic issue, but we will have to see the code. Also, if there is any issues with the username or password being caps or not, there are a host of functions that can be used to correct that. We will have to take a look 
The indelible lord of tl;dr
Re: i have a problem with case sensitive, login page.
here is the login.php, i did another tut, not in this site...
thanks for help
Code: Select all
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
strtolower($username == "username");
if ($username&&$password)
{
$connect = mysql_connect("localhost","root","") or die("Couldn't connect!");
mysql_select_db("phplogin") or die("Couldn't find db");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
//check to see if they match!
if ($username==$dbusername&&$password==$dbpassword)
{
echo "?????? ??????! <a href='member.php'>???? ??</a> ????? ????? ????? ????????";
$_SESSION['username']=$username;
}
else
{
echo "?????? ????? ?? ?????!";
}
}
else
{
die("?????? ??? ?? ????!");
}
}
else
{
die("????? ????? ?? ????? ??????!");
}
?>thanks for help
-
PaxBritannia
- Posts: 680
- Joined: Sun Apr 18, 2010 1:54 pm
Re: i have a problem with case sensitive, login page.
With the Hebrew, I don't really know which is "wrong password" and which is "wrong username" 
What I did find is you used "strtolower" which converts a string to lowercase. And you used it weirdly.
I tried to fix it (my Hebrew skills are non-existent), and here it is:
By the way, for security reasons, you should not tell the user which one of their user/password combo is incorrect. Only tell them that the combo is incorrect. Also, try to make use of tabbing, it will help you with the debugging and make it easier to read.
Pax.
What I did find is you used "strtolower" which converts a string to lowercase. And you used it weirdly.
I tried to fix it (my Hebrew skills are non-existent), and here it is:
Code: Select all
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
$username == strtolower($username); // Why do you need this? This will make it case INSENSITIVE
if ($username&&$password){
$connect = mysql_connect("localhost","root","") or die("Couldn't connect!");
mysql_select_db("phplogin") or die("Couldn't find db");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0){
while ($row = mysql_fetch_assoc($query)){
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
//check to see if they match!
if ($username==$dbusername&&$password==$dbpassword){
echo "You logged in <a href='member.php'>click here</a> to continue.";
$_SESSION['username']=$username;
}else{
echo "You entered an incorrect password";
}
}else{
die("You entered an incorrect username");
}
}else{
die("You did not submit a username/password");
}
?>Pax.
Re: i have a problem with case sensitive, login page.
Also, set the cookie by pulling from the database. Don't set it based on the user-input POST data. That way you can avoid issues with variable capitalization in other stuff.