Login Does not work even by putting the right password

Question

Login Does not work even by putting the right password

Asked 3 years, 9 months ago

Viewed 49 times

2

The problem in the case is that regardless of whether the password is wrong or right it says the credentials are wrong, and does not log in //php code

   if (isset($_POST['login']))
{
    //variaveis que serão usadas no sistema.
    $username = mysqli_real_escape_string($connect, $_POST["username"]);
    $password = mysqli_real_escape_string($connect, $_POST["password"]);
    //verificação se existe um usuario com este nome no sistema.
    if(empty($username))
    {
        array_push($erros, "O Usuário é necessário!");
    }
    //verificação da senha do usuario escolhido
    if(empty($password)){
        array_push($erros, "Uma senha é necessária");
    }
    if(count($erros) === 0){
        //query SQL que irá ser usada
        $sql = "SELECT * FROM usuario WHERE email=? OR username=? LIMIT 1";
    
        //declaração e preparação da query
        $stmt = $connect->prepare($sql);

        // declaração dos pontos de interrogação da query
        $stmt->bind_param('ss', $username, $username);

        // declaração de execução da query
        $stmt->execute();

        //armazena o resultado da declaração em uma variável
        $result = $stmt->get_result();

        //extração de um usuário do resultado
        $user = $result->fetch_assoc();
        
        //verificação se a senha está certa
        if (password_verify($password, $user['password']))
        {
            $_SESSION['id'] = $user['id'];
            $_SESSION['username'] = $user['username'];
            $_SESSION['email'] = $user['email'];
            $_SESSION['verified'] = $user['verified'];

            $_SESSION['message'] = "Agora você está logado!";
            $_SESSION['alert-class'] = "alert-success";
            header('location: index.php');
            exit();
        } else{
            $erros['login_fail'] = "Credenciais erradas!";
        }
    }
     
        //código do formulário de login

                    <form method="POST" action="login.php" class="box">
                <?php include('erros.php'); ?>
                <h1>login</h1>
                <input type="text" name ="username" value="<?php echo $username ?>" placeholder="LOGIN">

                <input type="password" name ="password" placeholder="SENHA">

                <input type="submit" name="login" value="FAZER LOGIN"> 

                
                <h3><a href="./forgot.php">Esqueceu a Senha</a></h3>
                <h3><a href="./create.php">Criar Conta</a></h3>
            </form>

Hello! Before if (password_verify($password, $user['password'])) check whether $user['password'] has value. Can make a echo or var_dump for example.

– tvdias

2021/01/23 at 10:01
Another important point is to know how the password that is in the database was generated.

– tvdias

2021/01/23 at 11:16
i used echo before "if" and actually matches the password of the database, but for some reason does not enter the login part of the code and enters Else

– Jovane Urashima

2021/01/23 at 21:23
Checks if the password was saved with md5. If so, Voce should convert the password to md5 first.

– Bernardo Lopes

2021/01/23 at 22:22
If the password matches the one in the database (and you were able to verify this) then it’s really wrong.

– tvdias

2021/01/23 at 23:43
i used password_hash()pra fazer a criptografia da senha, e no caso dopassword_verify` it would use the hash and password the user wrote to check, but is not working

– Jovane Urashima

2021/01/24 at 03:33
Tries to update the password in the BD using again the password_hash.

– tvdias

2021/01/25 at 14:41
Show exactly your code where you are encrypting the password please

– Eduardo Pereira

2021/02/02 at 10:32

Show 3 more comments

No answers

Browser other questions tagged php html mysql

You are not signed in. Login or sign up in order to post.