help with basic login/create account pages

[mpsn]

Hi, I don't know why it outputs" You are now registered BUT the user name and password don't show up in the database! I want to encrypt the passwords so maybe that is problem, I don't know, please read scripts below.

 

here is register.php:

==============

<html>
<head></head>
<body>
<form method="post" action="" >
	<p>Create a username
		<input type="text" name="newUsername"/>
	</p>
	<p>Create a password
		<input type="password" name= "newPassword" />
	</p>
	<p>
		<input type="submit" value="Make account now" name="makeAccountSubmit" />
	</p>
</form>

<?php

if(array_key_exists("makeAccountSubmit",$_POST) && !empty($_POST["newUsername"]) && !empty($_POST["newPassword"]) ) {

//IF username doesn't exist, then store new user login info to db dummydpevx
mysql_connect("localhost","root");
mysql_select_db("someDB");
$newUserName=$_POST["newUsername"];
$newPassword=crypt($_POST["newPassword"]);

$usernameQuery=mysql_query("SELECT userName FROM users WHERE userName='$newUserName'");
if(mysql_num_rows($usernameQuery)==0) {
	$makeNewAccountQuery=mysql_query("INSERT INTO users userName,userPassword VALUES('$newUserName','$newPassword')");
	print "You are now registered, <a href='login.php'>proceed to login</a>";
}
if(mysql_num_rows($usernameQuery)==1)
	print "Username taken. Please make another one. <br />";
}

 

here is login.php:

============

<html>
<head></head>
<body>
	<form method="post" action="">
		<label>Username:</label>
		<input type="text" name="username" />
		<br />
		<label>Password:</label>
		<input type="password" name="password" />
		<p>
			<input type="submit" value="Login" name="Login" />
			<input type="reset" value="Reset" name="Reset" />
		</p>

	</form>
<?php
if(array_key_exists("Login",$_POST) && !empty($_POST["username"]) && !empty($_POST["password"])) {
	$attemptedUsername=$_POST["username"];
	$attemptedPassword=$_POST["password"];

	mysql_connect("localhost","root");
	mysql_select_db("someDB");

	$getLoginInfoQuery=mysql_query("SELECT userName,userPassword FROM users WHERE userName=$attemptedUsername AND userPassword=$attemptedPassword");
	$getLoginInfo=mysql_fetch_assoc($getLoginInfoQuery);
	$getUsername=$getLoginInfo["userName"];
	$getPassword=crypt($getLoginInfo["userPassword"]);

	if(crypt($attemptedPassword,$getPassword)==$getPassword) {
		session_start();//NB: Start session BEFORE doing any session stuff!
		$_SESSION["isAuthenticated"]="userAuthenticated";
		header("Location: xmlShredderIndex.php");
		exit;
	}
	else
		print "Please register!";
}

 

Also, if any has time, please see my other post, it is straightforward instructions to see if you get same error as me, thanks.

http://www.phpfreaks.com/forums/index.php?topic=347639.msg1640652#msg1640652

 

Any help much appreciated!

[MasterACE14]

I suspect it doesn't like your query, try this:

$makeNewAccountQuery=mysql_query("INSERT INTO users (`userName`,`userPassword`) VALUES('$newUserName','$newPassword')") or die("Really? an error? ".mysql_error());

[trq]

You print your success message without actually checking first to see that your query succeeds. Obviously it fails.

[mpsn]

Hi, MasterAce, yes, it was the parenthesis that mysql was nitpicky about so now my register page works, and it ouputs the link Click here to login (login.php), BUT now on the login.php, I type in username userA, and password userA (I checked db and password was encrypted), it says" Please register!"

 

Hi, thorpe, what do you mean output message comes first!

 

Again, I hope any experts can help a fellow out and take a look at my other post (it is fairly three line script; I don't like to have to repost it otherwise I get warning...)

^{Edit by thorpe: Don't spam one thread with another either or the same will apply}

 

Any help much appreciated!

[mpsn]

Please help me, why doesn't it store to db if it outputs: "You are now registered!"

 

Any help much appreciated!

[trq]

Post your current code.