In your registration.php page you have to submit your password in database in encryption.
Follow following steps:
Step 1 : submit your password after applying MD5() function.
(in registration.php)
<?php
$submit = $_POST['submit'];
$username = $_POST['username'];
$password = md5($_POST['password']);
if($submit){
// Your Sql query.....!
}
?>
<form action="registration.php" method="POST">
<tr>
<td>
User Name :
</td>
<td>
<input name="username" type="text"/>
</td>
</tr>
<tr>
<td>
Password :
</td>
<td>
<input name="password" type="password"/>
</td>
</tr>
<tr>
<input type="submit" name="submit"/>
</form>
Step 2 : Now login.php you have compare user password with your database password
(in login.php)
<?php
session_start();
$username = $_POST['username'];
$password = md5($_POST['password']);
if ($username && $password) {
$connect = mysql_connect("localhost", "root", "") or die("Could'n connect");
mysql_select_db("logindb") or die("Could'n connect");
$query = mysql_query("SELECT * FROM login WHERE username = '$username'");
$norows = mysql_num_rows($query);
if ($norows != 0) {
while($row = mysql_fetch_assoc($query)){
$dbuname = $row['username'];
$dbpwd = $row['password'];
}
if($username==$dbuname&&$password==$dbpwd){
echo "Log in - <a href='profile.php'>Profile Page</a> click it";
$_SESSION['username']=$username;
}
else{
echo 'Incorrect Password';
}
}
else{
die("user not exist!");
}
} else {
die("plz enter username and password");
}
?>
No comments:
Post a Comment