javascript - How to get the value of mysql.user password -

-

when log in using mysql.user can't log on if user has password. if logged on using user password page can't logged on other php.

the user inputted on log in use on connection database.

 <?php session_start(); ?>    <!doctype html>  <html>  <head>  <title>log in</title>  <meta charset="utf-8" />  <link rel="stylesheet" type="text/css" href="css/reset.css">  <link rel="stylesheet" type="text/css" href="css/structure.css">   <?php include('connection.php'); ?>   </head>   <body>  <form class="box login" method="post">     <fieldset class="boxbody">       <label>username</label>       <input type="text" tabindex="1" placeholder="username" required  name="username" id="username">       <label><label class="rlink" tabindex="5">optional</label>password</label>       <input type="password" tabindex="2" placeholder="password" name="password" id="password" >     </fieldset>     <footer>       <input type="submit" class="btnlogin" value="login" tabindex="4" name="sent">     </footer> </form>   <?php    if (isset($_post['sent'])) {     $servername = "localhost";     $username = ($_post['username']);     $password = ($_post['password']);     $message="";      // create connection     $result = $conn->query("select user mysql.user user='$username' , password='$password'");     if ($result->num_rows > 0) {                           $_session["uname"] = "$username";       $_session["pass"] = "$password";       echo '<script type="text/javascript">alert(<?php echo "success!";?>)</script>';       header("location: main.php");   } else {         $message = "successfuly entered! hi! $username";         echo '<script type="text/javascript">alert(<?php echo "$message";?>)</script>';      } }              // check connection  ?>   </body>  </html>

you'd better check database errors might happen here

$conn->query("select user mysql.user user='$username' , password='$password'");

check if query executes first. better use one

"select * mysql.user user= ?"

after checking row count. can hash current password user's salt check if equal.

for more security use prepared statements.and check if $_post['username'] , $_post['password'] set (even if input fields "required")

and echoing errors can have paragraph error id

<p id="error"></p>

and echo one

    '<script> document.getelementbyid("error").innerhtml = "'.$error.'" </script>'

my first answer sorry bad english.


Comments

Post a Comment

Popular posts from this blog

Spring Boot + JPA + Hibernate: Unable to locate persister -

-
i trying work entity inside request method of spring boot application. entity in project , pom.xml has dependencies it. why error message?: org.hibernate.unknownentitytypeexception: unable locate persister: com.ric.bill.model.bs.par package com.ric.web; import java.util.concurrent.atomic.atomiclong; import javax.persistence.entitymanager; import javax.persistence.persistencecontext; import net.sf.ehcache.cachemanager; import net.sf.ehcache.management.cache; import net.sf.ehcache.management.cachestatistics; import org.hibernate.stat.statistics; import org.springframework.beans.factory.annotation.autowired; import org.springframework.boot.autoconfigure.domain.entityscan; import org.springframework.cache.annotation.enablecaching; import org.springframework.transaction.annotation.enabletransactionmanagement; import org.springframework.transaction.annotation.propagation; import org.springframework.transaction.annotation.transactional; import org.springframework.web.bind.annotati
Read more

go - Golang: panic: runtime error: invalid memory address or nil pointer dereference using bufio.Scanner -

-
i implementing go program uses bufio.scanner , bufio.writer have packaged code follows package main import ( "fmt" "player/command" "strings" ) func main() { //enter code here. read input stdin. print output stdout commands.scanner.scan() { //scan new line , send comand variable check command exist or not input := strings.split(strings.trim(commands.scanner.text(), " "), " ") command := input[0] if command == "" { fmt.printf("$ %s:", commands.pwd) continue } if !commands.commands[command] { commands.throwerror("cannot recognize input.") } else { commands.execute(command, input[1:], nil) } fmt.printf("$ %s:", commands.pwd) } } i using init.go file in main package follows package main import ( "flag" "player/sourc
Read more

c - double free or corruption (fasttop) -

-
this code reads null terminated string file (file containing null terminated strings & should provide index wanted string). error: *** error in `./main': double free or corruption (fasttop): 0x090a4a80 *** aborted code: char *tmp_realloc=null; char *sstring=null; int i=1; /*set file pointer point string*/ fseek(fh,index,seek_set); sstring=(char*)malloc(sizeof(char)); if(sstring == null) return null; tmp_realloc=sstring; while( (*(sstring+i-1)=(char)fgetc((file*)fh)) != 0x0 ) { /*reallocate more memory*/ tmp_realloc=(char*)realloc((char*)sstring,++i); /*if not same address copy old new & set old point new*/ if(tmp_realloc != sstring){ strcpy((char*)tmp_realloc,(char*)sstring); free(sstring); sstring=tmp_realloc; } } could tell me pointer causing issue (& reason) ? remove part /*if not same address copy old new & set old point new*/ if(tmp_realloc != sstring){ strc
Read more