c# Login using HttpWebRequest

Question

I am looking to have a program which connects to a webpage that requires a userid and password, I used following code to do so. But somehow it failed

CODE: PHP FILE

login.php

$userid= $_POST['userid'];
$password= $_POST['password'];

if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}
if (mysqli_query("SELECT userid,password FROM aster_users WHERE userid = '$userid' AND password = '$password'")) {
    echo "login successfully";
} else {
    echo "Login failed: " . mysqli_error($conn);
}

C# :

 private void btnLogin_Click(object sender, EventArgs e)
        {
  var request = (HttpWebRequest)WebRequest.Create("http://10.0.589.124/login.php");
            request.Method = WebRequestMethods.Http.Post;
            request.ContentType = "application/x-www-form-urlencoded";
            using (var stream = request.GetRequestStream())
            {
                var buffer = Encoding.UTF8.GetBytes("userid= " + txtusername.Text + " & password= " + txtpassword.Text +"");
                stream.Write(buffer, 0, buffer.Length);
            }
            var response = (HttpWebResponse)request.GetResponse();
            string result = String.Empty;
            using (var reader = new StreamReader(response.GetResponseStream()))
            {
                result = reader.ReadToEnd();
            }
            txtmessage.Text = result;
}

What am I doing wrong here? Any help Please, many thanks! :)

Answer 1

Try this :

$userid= $_POST['userid'];
$getpassword= $_POST['password'];

if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}

$sql = "SELECT userid,password FROM aster_users WHERE userid = '$userid' AND password = '$getpassword'";
$result = mysqli_query($conn, $sql);
$count=mysqli_num_rows($result);

if($count==1){
    echo "login successfully";
} else {
    echo "Login failed" . mysqli_error($conn);
}