Indie-Resource.com

Were Back!
http://www.indie-resource.com/forums/

i have a problem with case sensitive, login page.

http://www.indie-resource.com/forums/viewtopic.php?t=1914

Page 1 of 1

i have a problem with case sensitive, login page.

Posted: Mon Jun 28, 2010 2:45 am
by Mefarsem
if i register with user name and password like this:

John
123456

when i log in, if i do john, it doesn't let me log in and it says "wrong password", although its wrong username.

can you please help me?

Re: i have a problem with case sensitive, login page.

Posted: Mon Jun 28, 2010 3:43 am
by PaxBritannia
Could you post the script that handles the logins? (reguser.php if you followed the tutes)

Pax.

Re: i have a problem with case sensitive, login page.

Posted: Mon Jun 28, 2010 4:36 am
by Jackolantern
Yep, sounds like a logic issue, but we will have to see the code. Also, if there is any issues with the username or password being caps or not, there are a host of functions that can be used to correct that. We will have to take a look :)

Re: i have a problem with case sensitive, login page.

Posted: Mon Jun 28, 2010 11:05 am
by Mefarsem
here is the login.php, i did another tut, not in this site...

Code: Select all

<?php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];




strtolower($username == "username");



        if ($username&&$password)
            {
    
                $connect = mysql_connect("localhost","root","") or die("Couldn't connect!");
                mysql_select_db("phplogin") or die("Couldn't find db");  

                $query = mysql_query("SELECT * FROM users WHERE username='$username'");


                $numrows = mysql_num_rows($query);

                if ($numrows!=0)
{

    while ($row = mysql_fetch_assoc($query))
    {
        $dbusername = $row['username'];
        $dbpassword = $row['password'];
    } 
 
    //check to see if they match!
    if ($username==$dbusername&&$password==$dbpassword)
    {  
        echo "?????? ??????! <a href='member.php'>???? ??</a> ????? ????? ????? ????????";
        $_SESSION['username']=$username;
        


                            }
                            else
                            {
                                echo "?????? ????? ?? ?????!";
                            }
 
                                        }
                                        else
                                        {
                                              die("?????? ??? ?? ????!");
                                        }


                                                }
                                                 else
                                                                             
                                                 {
                                                       die("????? ????? ?? ????? ??????!");
                                                 }
                                                 
                                                 
                                        
?>


thanks for help

Re: i have a problem with case sensitive, login page.

Posted: Mon Jun 28, 2010 11:55 am
by PaxBritannia
With the Hebrew, I don't really know which is "wrong password" and which is "wrong username" :lol:

What I did find is you used "strtolower" which converts a string to lowercase. And you used it weirdly.

I tried to fix it (my Hebrew skills are non-existent), and here it is:

Code: Select all

<?php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];


$username == strtolower($username); // Why do you need this? This will make it case INSENSITIVE

        if ($username&&$password){
    
                $connect = mysql_connect("localhost","root","") or die("Couldn't connect!");
                mysql_select_db("phplogin") or die("Couldn't find db");  

                $query = mysql_query("SELECT * FROM users WHERE username='$username'");

                $numrows = mysql_num_rows($query);

            if ($numrows!=0){

				while ($row = mysql_fetch_assoc($query)){
					$dbusername = $row['username'];
					$dbpassword = $row['password'];
				} 

						//check to see if they match!
				if ($username==$dbusername&&$password==$dbpassword){  
					echo "You logged in <a href='member.php'>click here</a> to continue.";
					$_SESSION['username']=$username;
				}else{
					echo "You entered an incorrect password";
				}

            }else{
                die("You entered an incorrect username");
            }

		}else{
        die("You did not submit a username/password");
        }
                                                 
                                                 
                                        
?>
By the way, for security reasons, you should not tell the user which one of their user/password combo is incorrect. Only tell them that the combo is incorrect. Also, try to make use of tabbing, it will help you with the debugging and make it easier to read.

Pax.

Re: i have a problem with case sensitive, login page.

Posted: Mon Jun 28, 2010 1:10 pm
by Noctrine
Also, set the cookie by pulling from the database. Don't set it based on the user-input POST data. That way you can avoid issues with variable capitalization in other stuff.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited