473,396 Members | 2,089 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > mysql database > questions > phpmyadmin database built on my server and i cannot connect wiht my login page

Join Bytes to post your question to a community of 473,396 software developers and data experts.

phpmyadmin database built on my server and i cannot connect wiht my login page

tolkienarda
316 100+
Hi all
I work for a small webdesign company and we have remote hosting. i built a mysql database with phpmyadmin on the server. i then downloaded and modified a php login page. i am continuing to get the ---invalid username or password--- i am not getting the E_USER_ERROR so i don't know if there is a problem with the php, how i set up the database or mabe somthing in between. so everyone knows all of my server interface is GUI. I use a company called Rackspace and software called Plesk. I set the database up on the correct domain and i setup username and passwords for all students and teachers at the school (this is for a private school management online program.)

any how here is the code

i have this setup on the domain where i built the database and here is a link to this page in action.
http://www.wyrchurch.com/RCA/login.php
as you can see the person who wrote this commented it but i changed alot here is a link to where i got the code so you can see the original cause mabe the error is comming from a change i made. now i did go back to the orginial once but it diddn't work.
http://www.tutorialized.com/tutorial/Login-Logout-with-a-Session-in-1-file/20041
Expand|Select|Wrap|Line Numbers
  1. <?
  2. // Use session variable on this page. This function must put on the top of page.
  3. session_start();
  4.  
  5. ////// Logout Section. Delete all session variable.
  6. session_destroy();
  7.  
  8. $message="";
  9.  
  10. ////// Login Section.
  11. $Login=$_POST['Login'];
  12. if($Login){ // If clicked on Login button.
  13. $username=$_POST['username'];
  14. $password=$_POST['password'];
  15.  
  16. // Connect database.
  17. $host="localhost"; // Host name.
  18. $db_user="rcadmin"; // MySQL username.
  19. $db_password="nsds2004"; // MySQL password.
  20. $database="RCA"; // Database name.
  21. $RCA = mysql_pconnect($host, $db_user, $db_password) or trigger_error(mysql_error(),E_USER_ERROR);
  22.  mysql_select_db($database, $RCA);
  23.  
  24. // Check matching of username and password.
  25. $result=mysql_query("SELECT Login, Pass, Accesslvl FROM useraccess WHERE Login='username' AND pass='password'");
  26. if(mysql_num_rows($result)!='0'){ // If match.
  27. session_register("username"); // Craete session username.
  28. header("location:main.php"); // Re-direct to main.php
  29. }else{ // If not match.
  30. $message="--- Incorrect Username or Password ---";
  31. }
  32.  
  33. } // End Login authorize check.
  34. ?>
  35.  
  36. <html xmlns="http://www.w3.org/1999/xhtml">
  37. <head>
  38. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  39. <title>Untitled Document</title>
  40. </head>
  41.  
  42. <body>
  43. <? echo $message; ?>
  44. <form id="form1" name="form1" method="post" action="<? echo $PHP_SELF; ?>">
  45. <table>
  46. <tr>
  47. <td>User : </td>
  48. <td><input name="username" type="text" id="username" /></td>
  49. </tr>
  50. <tr>
  51. <td>Password : </td>
  52. <td><input name="password" type="password" id="password" /></td>
  53. </tr>
  54. </table>
  55. <input name="Login" type="submit" id="Login" value="Login" />
  56. </form>
  57. </body>
  58. </html>
  59.  
Jan 9 '07 #1
4 4054
ronverdonk
4,258 Expert 4TB
The SELECT query is incorrect. You use constants ('username' and 'password')and you must use the variable names in which you have stored the username and the password. I also added the error message display to this statement. SELECT statement must be:[php]$result=mysql_query("SELECT Login, Pass, Accesslvl FROM useraccess WHERE Login='$username' AND pass='$password'")
or die("SELECT error: " . mysql_error());[/php]
Ronald :cool:
Jan 9 '07 #2
tolkienarda
316 100+
Hi thanks
that didn't seem to fix all of the problems. I tried to do some basic injection to bypass the user pass field
Expand|Select|Wrap|Line Numbers
  1.  1'or'1'='1 
and it worked so i now i think that the problem is definatly with my database or the connection. i remember which forum i am in so if the following is out of line please tell me and i will repost in the correct forum.
here are what the useraccess table looks listed below are all of the sql commands for the entire database.
Expand|Select|Wrap|Line Numbers
  1. CREATE TABLE `useraccess` (
  2.   `Login` varchar(4) NOT NULL default '',
  3.   `Accesslvl` int(1) NOT NULL default '0',
  4.   `Pass` varchar(10) NOT NULL default '',
  5.   PRIMARY KEY  (`Login`)
  6. ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
  7.  
  8.  
and the data in it
Expand|Select|Wrap|Line Numbers
  1. INSERT INTO `useraccess` VALUES ('kska', 1, '442677ee0a');
  2. INSERT INTO `useraccess` VALUES ('lska', 1, '6a0b078b24');
  3. INSERT INTO `useraccess` VALUES ('kfar', 1, '2d9a3b9c24');
  4. INSERT INTO `useraccess` VALUES ('boli', 1, '7f3929231d');
  5. INSERT INTO `useraccess` VALUES ('calu', 1, '25bce6805f');
  6. INSERT INTO `useraccess` VALUES ('rrav', 1, '10b354ad0e');
  7. INSERT INTO `useraccess` VALUES ('jwin', 1, '1be083995a');
  8. INSERT INTO `useraccess` VALUES ('dsco', 1, '5ab409f300');
  9. INSERT INTO `useraccess` VALUES ('mshi', 1, '4ab1bfa158');
  10. INSERT INTO `useraccess` VALUES ('smen', 1, '49b042c67f');
  11. INSERT INTO `useraccess` VALUES ('ahai', 1, '496724782b');
  12. INSERT INTO `useraccess` VALUES ('kcho', 1, '2286f34263');
  13. INSERT INTO `useraccess` VALUES ('cbar', 2, '560f954803');
  14. INSERT INTO `useraccess` VALUES ('tblo', 2, '422655e331');
  15. INSERT INTO `useraccess` VALUES ('cste', 2, '66cbb47e22');
  16. INSERT INTO `useraccess` VALUES ('aste', 2, '4d4640b12e');
  17. INSERT INTO `useraccess` VALUES ('nyoh', 2, '74be5b5f63');
  18. INSERT INTO `useraccess` VALUES ('pbur', 2, '712fd7684d');
  19. INSERT INTO `useraccess` VALUES ('pgib', 2, '66acd61906');
  20. INSERT INTO `useraccess` VALUES ('ngib', 2, '5604d7af03');
  21. INSERT INTO `useraccess` VALUES ('egib', 2, '423ee8e130');
  22. INSERT INTO `useraccess` VALUES ('kgro', 2, '66f5799c22');
  23. INSERT INTO `useraccess` VALUES ('dhai', 2, '4d57fc102d');
  24. INSERT INTO `useraccess` VALUES ('thai', 2, '74bc0e6363');
  25. INSERT INTO `useraccess` VALUES ('jorh', 2, '4be463b221');
  26. INSERT INTO `useraccess` VALUES ('joeh', 2, '6ccb3e7f22');
  27. INSERT INTO `useraccess` VALUES ('khen', 2, '0e3763ae08');
  28. INSERT INTO `useraccess` VALUES ('dake', 2, '7139bc404d');
  29. INSERT INTO `useraccess` VALUES ('deke', 2, '66b3616006');
  30. INSERT INTO `useraccess` VALUES ('ckel', 2, '561c5b0f07');
  31. INSERT INTO `useraccess` VALUES (' ilo', 2, '422e22be31');
  32. INSERT INTO `useraccess` VALUES ('glut', 2, '66fb783b22');
  33. INSERT INTO `useraccess` VALUES ('bpea', 2, '4d499d0d2e');
  34. INSERT INTO `useraccess` VALUES ('jpea', 2, '7480a48c63');
  35. INSERT INTO `useraccess` VALUES ('dror', 2, '4bca34b020');
  36. INSERT INTO `useraccess` VALUES ('zrop', 2, '4e715c7948');
  37. INSERT INTO `useraccess` VALUES ('sash', 2, '0e27703f08');
  38. INSERT INTO `useraccess` VALUES ('stsh', 2, '712b9b974d');
  39. INSERT INTO `useraccess` VALUES ('epat', 2, '0123ws');
  40.  
Jan 10 '07 #3
tolkienarda
316 100+
OK i found the problem but i have no idea how to fix it.

when i entered all of my passwords into the mysql data base i used this basic structure
Expand|Select|Wrap|Line Numbers
  1. INSERT INTO `useraccess` ( `Login` , `Accesslvl` , `Pass` )
  2. VALUES (
  3. 'admin', '0', PASSWORD( 'rootpass' )
  4. );
  5.  
thanks
eirc
Jan 10 '07 #4
tolkienarda
316 100+
ok i didn't finish typing that sorry. the problem is that all of the passwords are encrypted and when i compare the passwords entered via the form i get an incorrect password. i had one password in the database that wasn't encrypted and it workded great.

and second. problem i am having is that i am a complete beginer at php and i am trying to save the Accesslvl field from that row to a variable then redirect the browser to either a student or teacher page

thanks eric
Jan 10 '07 #5

Sign in to post your reply or Sign up for a free account.

Similar topics

4
Prob in phpMyAdmin on IIS installation on Windows XP
by: JimC | last post by:
I have PHP installed on a Windows XP platform using IIS as server. When updating a MySQL database field set to MEDIUMTEXT in phpMyAdmin, the transaction seems to fail if the text contains more...
PHP
3
website connection to database time out problem : login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'
by: Maellic | last post by:
Hi, The website I am working on is built with ASP.NET and connects to a SQL Server 2000 database. The web server and database are on the same machine. I have recently tried to modify the timeout...
ASP.NET
7
Database Question
by: News | last post by:
Hello, I have to build a program with the future in mind and I need a bit of guidance from a guru or two. My program will start as a multi-user Windows Application built with VB.Net and using an...
Visual Basic .NET
3
Database connection problems
by: BobLaughland | last post by:
Hi There, I am writing an ASP .NET 2.0 web site. I have a connection string in my web.config file similar to this for connecting to my database, SERVER=125.165.165.116,1092;...
ASP.NET
9
VB.NET - Issues with VB.NET FTP Class to UNIX FTP Server
by: craig.overton | last post by:
All, I am currently developing an FTP class in VB.NET. It's kid tested, mother approved when trying to access an FTP Server on a Windows box meaning I can connect, run commands, upload and...
Visual Basic .NET
3
asp.net 2.0 membership ASPNETDB_TMP.MDF" is on a network path that is not supported for database files
by: jason | last post by:
I've been playing around with new (for 2.0) membershp functionality. I was able to build a simple login form that secures a directory on a project I built locally on my development desktop. ...
ASP.NET
2
VS2005: Cannot run the website from IIS (database problem)
by: TTT | last post by:
Hi, I have developed a website from the model "Starter kits Classified". Well, the application works good, no problem in my development environment. It uses a SqlServer 2005 express database...
ASP.NET
6
Database Owner cannot connect
by: mplpost | last post by:
Our web application requires that when a new Organization is created,a separate Database is to be created for the corresponding organization, so that each organization remains a separate entity...
Microsoft SQL Server
9
PDO: Switch database user without reopening connection
by: Gordon | last post by:
I want to add a feature to a project I'm working on where i have multiple users set up on my Postgres database with varying levels of access. At the bare minimum there will be a login user who...
PHP
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!