Hi! To follow my precedent problems resolved (http://forums.digitalpoint.com/showthread.php?t=629610) Now I create database and enter the good information. But don't know why I can't login with the good informations. (http://www.plus2visitheures.com/ebooks-shop/admin/login.php) username : admin password : admin I wonder if it's a php problem? can you tell me if there is an error in my script please? login.php is : <? require_once("../conn.php"); if(isset($_POST['s2'])){ $MyUsername1 = strip_tags($_POST['username1']); $MyPassword1 = strip_tags($_POST['password1']); if(empty($MyUsername1) || empty($MyPassword1)){ $MyError = "<font color=red size=1 face=verdana>Both fields are required!</font>"; } elseif(strlen($MyUsername1) < 4){ $MyError = "<font color=red size=1 face=verdana>The username must be between 4 and 20 characters long <br>and consist of only letters and numbers.</font>"; } elseif(strlen($MyPassword1) < 4){ $MyError = "<font color=red size=1 face=verdana>The password must be between 4 and 20 characters long <br>and consist of only letters and numbers.</font>"; } else{ //check the login info if exists $MyPassword5 = md5($MyPassword1); $q1 = "select * from pc_settings where AdminID = '$MyUsername1' and AdminPass = '$MyPassword5' "; $r1 = mysql_query($q1); $a1 = mysql_fetch_array($r1); if($MyUsername1 != $a1['AdminID'] && $MyPassword1 != $a1['AdminPass']){ $MyError = "<font color=red size=1 face=verdana>Incorrect Username or Password.</font>"; } elseif(!$r1){ exit("<center>There seems to a problem with a mysql query!</center>"); } else{ if(mysql_num_rows($r1) == '1'){ //mun = Merchant User Name $_SESSION['mun'] = $MyUsername1; @header("location:settings.php"); exit(); }} }} ?> <html> <head> <title>PayPal eStores - Administration Login</title> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <style> .font12 {font:normal 12px tahoma} .input {font:normal 12px tahoma} </style> </head> <body bgcolor="#F5F5F5" onload="document.f1.username1.focus()"> <br /><br /><br /> <table align='center' border='0' cellpadding='0' cellspacing='0'><tr> <td> <table class='font12' bgcolor='#FFFFFF' align='center' style='width: 400px; border:#29527B 2px solid' cellpadding='0' cellspacing='0' class='mfont'> <tr><td><img src='img_bin/dlpc_logo_login.gif' border=0></td> <td valign=top align=right> <br><br><i>Authorization Required!</i> </td> </tr> <tr><td colspan='2' style='height: 1px; background-color: #29527B'></td></tr> <tr> <td colspan='2' style='height: 90px; text-align: center'> <form method=post action="login.php" name=f1 style='margin-top: 20px'> <table align='center' style='width: 100%' border='0' cellpadding='3' cellspacing='0' class='font12'> <tr> <td style='text-align: right; width: 30%'>Username:</td> <td style='text-align: left'><input type='text' class='input' name=username1 value=admin maxlength=20 /></td> </tr> <tr> <td style='text-align: right'>Password:</td> <td style='text-align: left'><input type='text' class='input' name=password1 value=admin maxlength=20 /></td> </tr> <tr> <td colspan=2 align=center><?=@$MyError?></td><td align=right><input type='submit' name=s2 value="Login »" /> </td> </tr> </table> </form> </td></tr> <tr><td colspan=2 align=center style='border-top:#29527B 1px solid; padding:5px; font:bold 7pt arial;color:#29527B'>Copyright © 2007 - <a href='http://www.paypalestores.com/' target='_blank'><span style='font:bold 7pt arial;color:#29527B'>PayPal eStores, Ltd.</span></a> - All Rights Reserved</td></tr> </table> </td></tr> </table> </body> </html> PHP: Thank you in advance Lydie
Try resetting the password in your database. Remember to set it to MD5 and enter your password in the edit field. It looks like the code is fine, but on the login page, change the password field to type password and not text so people cannot see what you are typing in (if standing behind your etc)
this line has logical errror if($MyUsername1 != $a1['AdminID'] && $MyPassword1 != $a1['AdminPass']){ It should be compared with $MyPassword5 not $MyPassword1 Regards Alex
Hi kmap! I change && $MyPassword1 by $MyPassword5 and you take a look of the attachement : http://www.plus2visitheures.com/database.JPG
change password in database to: 3d801aa532c1cec3ee82d87a99fdf63f Now login to the adminpanel with password "temp" and change your password there.
When I change the password in database and on the login page. Still return with 'admin' 'admin'. Don't know why it don't want to change my new password? http://www.plus2visitheures.com/database2.JPG http://www.plus2visitheures.com/ebooks-shop/admin/login.php
The code above is simply the md5 hash for "temp". It is applicable to any php script that uses md5 hashes without salts. You can generate the md5 hash for any string here: http://www.miraclesalad.com/webtools/md5.php
Hi, MD5 is typically use for encryption of data re passwords. What I mean was, when you edit your value into PHPMyAdmin, there is a dropdown with field types. Change this to MD5 and you can then type in your plaintext password into the field without having to pass it into a 3rd party site. It will then do the encryption for you. Anyway, glad you got it sorted