User not found in PHP login with BD

Question

User not found in PHP login with BD

Asked 9 years, 1 month ago

Viewed 312 times

1

I am trying to log into the system using PHP database but even using the correct email and password, it does not connect. I believe you really can’t find the record, since it goes through the query but not the following if.

Follow the Login.class:

<?php
class Login{

    public function logar($email, $senha){
        $buscar=mysql_query("SELECT * FROM usuario WHERE email='$email' AND senha='$senha' LIMIT 1");

        if(mysql_num_rows($buscar) == 1){

            $dados=mysql_fetch_array($buscar);

            $_SESSION["email"]= $dados["email"];
            $_SESSION["senha"]= $dados["senha"];

            setcookie("logado",1);
            $log=1;

        }
            if(isset($log)){

                $flash="Logado com sucesso";

            }else{

                if(empty($flash)){
                $flash= "Digite seu e-mail e sua senha corretamente!"; //Se peço para retornar o $email ele retorna.

                }
            }
            echo $flash;

    }

} ?>

And the login.php

<?php
    if($startaction == 1 && $acao == "logar"){

    //Dados
    $email= ($_POST["email"]);
    $senha= sha1($_POST["senha"]); //$senha=addslashes(sha1($_POST["senha"]."ProjetoY"));


    if(empty($email) || empty($senha)){
        $msg="Preencha todos os campos!";

    }else{
        if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
            $msg="Digite seu e-mail corretamente!";

        }else{
            //Executa a busca pelo usuario
            $login=new Login;
            echo "<div class=\"flash\">";
            $login=$login->logar($email, $senha); 
            echo"</div>";

        }
    }} ?>

2

And what can we do to help you, other than warn you that your code is vulnerable to attack?

– Maniero

2015/09/24 at 23:11
2

Makes it vulnerable!!!

– Rodrigo Gomes

2015/09/24 at 23:13
I know about vulnerabilities and I even have ideas to make a better security, but at first it’s just to show a login system. rs

– Yaazif

2015/09/24 at 23:38
where is your connection to the bank?!

– Mastria

2015/09/24 at 23:45
Dude this is college work, these days a guy came up with difficulty with that same code! hahaha

– Rogers Corrêa

2017/02/19 at 05:55
Look what they are teaching in the faculties. It must be Systems Technology :P

– Rogers Corrêa

2017/02/19 at 05:55
Password is not encrypted in the bank?

– Diego Vieira

2018/01/20 at 16:56

Show 2 more comments

1 answer

Browser other questions tagged php mysql query login

You are not signed in. Login or sign up in order to post.

by Mastria • **1,133** points · Answer 1 · 2015-09-25T00:03:59+00:00

Its class, read and improved, there are several ways to improve security, but as the subject is not that:

<?php
    class Login {

        private $conexao;

        public function __construct() {
            $this->conexao = mysql_connect('localhost', 'root', '') or die("Erro na conexão!");
            mysql_select_db('banco', $this->conexao);
        }

        public function logar($email, $senha) {
            $buscar = mysql_query("SELECT * FROM usuario WHERE email= '".addslashes(trim($email))."' AND senha= '".addslashes(trim($senha))."' LIMIT 1", $this->conexao);

                if(mysql_num_rows($buscar ) == 1) {
                    $dados = mysql_fetch_array($buscar);
                    $_SESSION["email"]= $dados["email"];
                    $_SESSION["senha"]= $dados["senha"]; // qual a necessidade de guardar a senha em sessao???

                    setcookie("logado",1);
                    $log=1;
                }

                if(isset($log)) {
                    $flash = "Logado com sucesso";
                } else { 
                    if(empty($flash)) {
                        $flash= "Digite seu e-mail e sua senha corretamente!"; //Se peço para retornar o $email ele retorna.
                    }
                }
                echo $flash;
        }
    }
?>