I have a problem logging into a domain admin panel that is connected to my app.
I get wrong username and password, even though I have copying the username and password from tbl_admin
from phpmyadmin.
this is from my phpmyadmin SQL Structure.
CREATE TABLE `tbl_admin` (
`id` int(11) NOT NULL,
`full_name` varchar(255) NOT NULL,
`username` varchar(100) NOT NULL,
`password` varchar(100) NOT NULL,
`email` varchar(200) NOT NULL,
`phone` varchar(255) NOT NULL,
`image` varchar(255) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/////////////////////code below is my function.php from filemanager////////////////////////////////////
#Admin Login
function adminUser($username, $password)
{
global $mysqli;
$sql = "SELECT id,username FROM tbl_admin where username = '".$username."' and password = '".md5($password)."'";
$result = mysqli_query($mysqli,$sql);
$num_rows = mysqli_num_rows($result);
if ($num_rows > 0)
{
while ($row = mysqli_fetch_array($result))
{
echo $_SESSION['ADMIN_ID'] = $row['id'];
echo $_SESSION['ADMIN_USERNAME'] = $row['username'];
return true;
}
}
}
At your query
$sql = "SELECT id,username FROM tbl_admin where username = '".$username."' and password = '".md5($password)."'";
you compares your password to password coded to md5 at database row. If you try to copy a password directly from table tbl_admin remove md5 command at you query
$sql = "SELECT id,username FROM tbl_admin where username = '".$username."' and password = '".$password."' LIMIT 1;" ;
Then you can copy a password from your tbl_admin. If you want to keep md5 command at you query you have to know a password before coding to md5 string.
LIMIT 1
is for faster mysql preformance
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.