created a login registration system and refuses to work

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I am in the process of creating a user base system for my website. So far it went well and learn some very basic sql along the way. The reason why I created it was so later on in the development, registered users can upload files.

So, I managed to create a login system/registration system using php to link to the all the database info. and create a sql database.
However, I keep getting this message when I want to register as a new user when I press the submit button:
Could not connect: Access denied for user 'hp_*******login'@'192.168.0.***' (using password: YES)

This is what I written in my register.php file:

<?PHP

//Database Information

$dbhost = 'sql*****.******.com';
$dbname = '****';
$dbuser = 'hp_****_login';
$dbpass = '*****';

//Connect to database

mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());


$name = $_POST['name'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = md5($_POST['password']);

// lets check to see if the username already exists

$checkuser = mysql_query("SELECT username FROM users WHERE username='$username'");

$username_exist = mysql_num_rows($checkuser);

if($username_exist > 0){
echo "I'm sorry but the username you specified has already been taken. Please pick another one.";
unset($username);
include 'register.html';
exit();
}

// lf no errors present with the username
// use a query to insert the data into the database.

$query = "INSERT INTO users (name, email, username, password)
VALUES('$name', '$email', '$username', '$password')";
mysql_query($query) or die(mysql_error());
mysql_close();

echo "You have successfully Registered";
?>

I can give the rest of the html files if people want to know how it works?


-Mallet

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

First off i assume you have checked the db username and password spelling and case, also does the db user have the rights to connect to your database? also i noticed that your host isn't local, is remote access enabled for the user

 

thanks ThomasMc
It took my hosting sometime but in the end what they did was assign me the correct info for Database Information and I also told them about enabling remote access enabled for the user. which they didnt have a foggiest idea

And so the database works and sends the user login details via email... cool.
However, that I got users to assign login details how do I take the next step up and assign details on who can upload files onto the website? and also, how do I get a login system to fully function? As I tried setting one up, but it keep showing up as a blank page whenever you press the submit button for the login details.

Its very frustrating as I look it up on google and cant seem to find much info on the login system. and when I do find it, it just doenst work


-Mallet

 

do you have some sort of login.php?

 

yep, I got a login.php file here:

<?php

//Database Information

$dbhost = "*******.*****.com";
$dbname = "hp_*******_login";
$dbuser = "hp_********";
$dbpass = "********";

//Connect to database

mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());

session_start();
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);

$query = “select * from users where username=’$username’ and password=’$password’”;

$result = mysql_query($query);

if (mysql_num_rows($result) != 1) {
$error = “Bad Login”;
include “login.html”;

} else {
$_SESSION[‘username’] = “$username”;
include “memberspage.php”;
}

?>

the page goes to a blank screen after you press the submit button. doesnt show any errors after that.
Iam not sure if thats suppose to happen :hhhmmm
is there any books recommend in this sort of field that can make me understand it more clearer?


-Mallet

 

It may be a side effect of using something like Word, but the single quotes in your login.php are not consistent.

Sometimes you use ‘’ and some times ’’ It should really be ''.

This may also be an interaction with the Forum. Best to use a plain text editor like Notepad.

Harry.

 

thanks guys. got it working. the quotes were playing havoc. they were pretty much everywhere

I read up about the sql injection hack which Iam abit worried about if I get loads of users to sign up. Theres a function called: "mysql_real_escape_string" and wanted to know where abouts the code goes and when to use it?


-Mallet

 

This page here is pretty explicit on the subject! And includes examples.

Harry.

 

cheers Harry.
Spent the weekend reading about it

This is what I written to get it secured:
// Query
$query = sprintf("SELECT * FROM users WHERE username='%s' AND password='%s'",
mysql_real_escape_string($username),
mysql_real_escape_string($password));

tested using the sql hack and seems to work. however, even before I used the mysql_real_escape_string it still woundt hack into my login system. it looks like its a success...... I think
Thanks again guys.

-Mallet