3
Answers

why the same error: You entered an incorrect password.

Israel

Israel

8y
396
1
Hi!
 
I wrote these codes and everything is fine. But I am still receiveing this error message: You entered an incorrect password. Any help please. 
 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Project 7-4: Building A Login Form</title>
</head>
<body>
<h2>Project 7-4: Building A Login Form</h2>
<?php
// if form not yet submitted
// display form
if (!isset($_POST['submit'])) {
?>
<form method="post" action="login.php">
Username: <br />
<input type="text" name="username" />
<p>
Password: <br />
<input type="password" name="password" />
<p>
<input type="submit" name="submit" value="Log In" />
</form>
<?php
// if form submitted
// check supplied login credentials
// against database
} else {
$username = $_POST['username'];
$password = $_POST['password'];
// check input
if (empty($username)) {
die('ERROR: Please enter your username');
}
if (empty($password)) {
die('ERROR: Please enter your password');
}
// attempt database connection
try {
$pdo = new PDO('mysql:dbname=addressbook;host=localhost','root', '');
} catch (PDOException $e) {
//Chapter 7: Working with Databases and SQL 243
die("ERROR: Could not connect: " . $e->getMessage());
}
// escape special characters in input
$username = $pdo->quote($username);
// check if usernames exists
$sql = "SELECT COUNT(*) FROM user WHERE username = $username";
if ($result = $pdo->query($sql)) {
$row = $result->fetch();
// if yes, fetch the encrypted password
if ($row[0] == 1) {
$sql = "SELECT password FROM user WHERE username = $username";
// encrypt the password entered into the form
// test it against the encrypted password stored in the database
// if the two match, the password is correct
if ($result = $pdo->query($sql)) {
$row = $result->fetch();
$salt = $row[0];
if (crypt($password, $salt) == $salt) {
echo 'Your login credentials were successfully verified.';
} else {
echo 'You entered an incorrect password.';
}
} else {
echo "ERROR: Could not execute $sql. " . print_r($pdo->errorInfo());
}
} else {
echo 'You entered an incorrect username.';
}
} else {
echo "ERROR: Could not execute $sql. " . print_r($pdo->errorInfo());
}
// close connection
unset($pdo);
}
?>
</body>
Answers (3)