1

I am trying to create a login function with php.

Till now this is what I got.

<?php
include("dbconnection.php");
//select a database to work with
$mysqli->select_db("eamunter_opskrift");
Echo ("Selected the eamunter_opskrift database...<BR><BR>");
// get the username and password from the login form
$username=$_POST['username'];
$password=$_POST['password'];

//Protect username and password
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

$query ="SELECT * FROM brugerregistration WHERE username='$username' and password='$password'";
$result = $mysqli->query($query);
$count=mysqli_num_rows($result);
// If result matched $username and $password, the count of table rows should equal 1
if($count==1){
// Register session variables and redirect the user to "login_success.php" page
session_start();
$_SESSION['username']= $username;
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

I keep getting the same error And I can't figure out what the problem is... My dbconnection.php works everywhere else.

Selected the eamunter_opskrift database...

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: [2002] No such file or directory (trying to connect via unix:///tmp/mysql.sock) in /home/www/.dk/reg/post_login.php on line 13

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: No such file or directory in /home/www/.dk/reg/post_login.php on line 13

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/www/.dk/reg/post_login.php on line 13

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: [2002] No such file or directory (trying to connect via unix:///tmp/mysql.sock) in /home/www/.dk/reg/post_login.php on line 14

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: No such file or directory in /home/www/.dk/reg/post_login.php on line 14

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/www/.dk/reg/post_login.php on line 14

Wrong Username or Password

Can anybody help me???

If important I can upload the form too, but didn't think it mattered.

Improve this question

4 Answers 4

Reset to default
3

Replace mysql_real_escape_string with $mysqli->real_escape_string

(Also, you don't need the stripslashes calls, real_escape_string should do all that for you)

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Cool thanks :-) Do you know why it keeps writing post_login.php?username=user&password=1234&Submit=Login at the end of the link. Not very clever to have the password in the link...
Likely because your <form> action would have been set to GET instead of POST.
In your HTML form, add method="post" so it reads <form method="post". That'll stop that showing up :) x
3

You are mixing up mysql_* and mysqli_* functions.

It should be

$username = $mysqli->real_escape_string($username);
$password = $mysqli->real_escape_string($password);
Improve this answer

1 Comment

Thanks didn't notice. Now I just need to get it to work with the database :-) Only getting Selected the eamunter_opskrift database... Wrong Username or Password now.
1

Try it:

<?php
    include("dbconnection.php");
    //select a database to work with
    $mysqli->select_db("eamunter_opskrift");
    Echo ("Selected the eamunter_opskrift database...<BR><BR>");
    // get the username and password from the login form
    $username=$_POST['username'];
    $password=$_POST['password'];

    //You should use your object and current connection 
    $username = $mysqli->real_escape_string($username);
    $password = $mysqli->real_escape_string($password);

    $query ="SELECT * FROM brugerregistration WHERE username='$username' and password='$password'";
    $result = $mysqli->query($query);
    $count=mysqli_num_rows($result);
    // If result matched $username and $password, the count of table rows should equal 1
    if($count==1){
    // Register session variables and redirect the user to "login_success.php" page
    session_start();
    $_SESSION['username']= $username;
    header("location:login_success.php");
    }
    else {
    echo "Wrong Username or Password";
    }
    ?>
Improve this answer

Comments

1

see the doc of mysql_real_escape_string

replace :

$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

by :

$username = $mysqli->real_escape_string($username);
$password = $mysqli->real_escape_string($password);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.