CODEWITHSUNDEEP
phpauthentication
user2488773
user2488773

Reputation: 1

Says that password is incorrect, but it's correct

I have problem. I've created a system, that I can login with lowercase and capital letters in nickname that exists in mySQL, but if I try to login with lowercase or capital letters it says, that my password is incorrect, but when I try to login with right nickname it logs in, so where is the problem?

Here is my code:

if(isset($_POST['jungtis'])) {

    if($_POST['login_slapyvardis'] != "" && $_POST['login_slaptazodis'] != "") {

        $login_slapyvardis = mysql_real_escape_string($_POST['login_slapyvardis']);
        $login_slaptazodis = mysql_real_escape_string($_POST['login_slaptazodis']);
        $apsaugotaslogin_slaptazodis = md5($login_slaptazodis);

        if($login_sumazintas == $mysqlskc['name']) {

        $mysql = mysql_query("SELECT * FROM ucp_users WHERE name='$login_slapyvardis'") or die(mysql_error());
        $mysqlskc = mysql_fetch_assoc(mysql_query("SELECT * FROM ucp_users WHERE name=LOWER('$login_slapyvardis')"));
        $login_sumazintas = strtolower($login_slapyvardis);

            $mysqli = mysql_fetch_assoc($mysql);

            if($mysqli['password'] == $apsaugotaslogin_slaptazodis) {

                $_SESSION['Logged'] = $mysqli['id'];
                $ip = $_SERVER['REMOTE_ADDR'];
                mysql_query("UPDATE ucp_users SET lastip = '$ip' WHERE id = '$mysqli[id]'");
                header('Location: /home');

Note: I know it is better that I need to use PDO or mysqli, but I am using mysql_ only for now.

Upvotes: 0

Views: 163

Answers (1)

DevZer0
DevZer0

Reputation: 13525

you need to fix your query.

$mysqlskc = mysql_fetch_assoc(mysql_query("SELECT * FROM ucp_users WHERE LOWER(name)=LOWER('$login_slapyvardis')"));

Upvotes: 1

Related Questions