php - Log in System Where Username and password input are compared to the values saved in database

Question

    <?php
    session_start();
    include("conn.php");
    if(isset($_POST['login'])){
    if($_POST['user']=="admin" and $_POST['pass']=="abc123"){
    $_SESSION['user']=1;
    header("location:login.php");
    exit(); }
    else {
    echo "WRONG USERNAME OR PASSWORD";
    }
    }
    ?>

Please convert it so that the username and password will be compared to the database.. database is dbcom, tbluser with two fields user and pass...

need any reply as soon as possible, running out of time for our project... help is highly appreciated, thanks

Answer 1

このコードを使用してください。

<?php
    session_start();
    include("conn.php");
    $qry=mysql_query("select * from tbluser");
    $credentials=mysql_fetch_array($qry);
    if(isset($_POST['login']))
    {
        if($_POST['user']==$credentials["user"] and $_POST['pass']==$credentials["Pass"])
        {
           $_SESSION['user']=1;
           header("location:login.php");
           exit();
        }
       else 
       {
          echo "WRONG USERNAME OR PASSWORD";
       }
    }
?>

Answer 2

これを好きにしてみてください：

//set vars
$user = $_POST['user'];
$pass = md5($_POST['pass']);

if ($user&&$pass) 
{
//connect to db
$connect = mysql_connect("$server","$username","$password") or die("not connecting");
mysql_select_db("users") or die("no db :'(");
$query = mysql_query("SELECT * FROM $tablename WHERE username='$user'");

$numrows = mysql_num_rows($query);


if ($numrows!=0)
{
//while loop
  while ($row = mysql_fetch_assoc($query))
  {
    $dbusername = $row['username'];
    $dbpassword = $row['password'];
  }
  else
      die("incorrect username/password!");
}
else
  echo "user does not exist!";
} 
else
    die("please enter a username and password!");