Match Username and Password that is fetched in database - Jquery

Question

I need to match my username and password that is fetch in the database. right now the problem is I cannot match the username and password like the image you see below:

here is my code below:

HTML

    <body>  
          <div class="container box">  
           <div class="form-group">  
            <h3 align="center">Live Username Available or not By using PHP Ajax Jquery</h3><br />  
            <label>Enter Username</label>  
            <input type="text" name="username" id="username" class="form-control" />
            <input type="password" name="password" id="password" class="form-control" />


            <span id="availability"></span>
            <br /><br />
            <button type="button" name="register" class="btn btn-info" id="register" disabled>Register</button>
            <br />
           </div>  
           <br />  
           <br />  
          </div>  
  </body>

jQuery script - this is where the match availability will show after the username and password is match or mismatched

<script>  
 $(document).ready(function(){  
  $('#username, #password').blur(function(){

    var username = $('#username').val();
    var password = $('#password').val();

     $.ajax({
      url:'check.php',
      method:"POST",
      data:{user_name:username, password:password},
      success:function(data)
      {
        console.log(data);
       if(data != '0')
       {
        $('#availability').html('<span class="text-danger">Username and Password not Match</span>');
        $('#register').attr("disabled", true);
       }
       else
       {
        $('#availability').html('<span class="text-success">Username and Password Available</span>');
        $('#register').attr("disabled", false);
       }

      }

     })

  });
 });  
</script>

check.php - database connection and query

  <?php  
    //check.php  
    $connect = mysqli_connect("localhost", "username", "", "dbname"); 
    if(isset($_POST["user_name"], $_POST["password"]))
    {
     $username = mysqli_real_escape_string($connect, $_POST["user_name"]);
     $password = mysqli_real_escape_string($connect, $_POST["password"]);
     $query = "SELECT * FROM admin WHERE username = '".$username."' AND password = '".$password."' ";
     $result = mysqli_query($connect, $query);
     echo mysqli_num_rows($result);
    }
 ?>

You have password as plain text or crypted? If you use any framework your passwords probably will crypted and you must compare hashes instead of plain text password. — daremachine, May 15 '19 at 04:06
@daremachine yes you are correct i dont use crypted or hash on this example. although my database is on hash... is that a problem??? — , May 15 '19 at 04:34
If you see in db in column 'password' #%greg$65 and you try to compare this with plain text posted in post then #%greg$65 is not equal to abc in your code. — daremachine, May 15 '19 at 04:37
@daremachine yep.. the password is hash... how can we solve this problem sir? — , May 15 '19 at 04:38
First you need to know how create that hash. In php you hash your post value and then compare hash == db_hash — daremachine, May 15 '19 at 04:40
@daremachine i used md5 has sir how can i do it ? can u refer to my code please thank you — , May 15 '19 at 04:42
@daremachine , sir i think it will not work, i tried putting a password with no hash.. but it didnt work — , May 15 '19 at 04:46
echo the sql query. You will exactly know, what is happening. — Nit, May 15 '19 at 04:56
@Nit this is the query `0SELECT * FROM admin WHERE username = 'admin' AND password = '202cb962ac59075b964b07152d234b70'` which is correct.. but it says it is not match — , May 15 '19 at 04:59
Which number returns ??? `SELECT * FROM admin WHERE username = 'admin' AND password = '202cb962ac59075b964b07152d234b70'` — daremachine, May 15 '19 at 05:03
can you please tell us what is your data type of password field in Database and are you sure you are using md5 — Nit, May 15 '19 at 05:14
@Nit , yep i am sure i am using `md5` tried it on password and it worked.. but when I add username and password together it is not working — , May 15 '19 at 05:28

PHP Geek · Answer 1 · 2019-05-15T05:13:46.590

0

you can try this:

if(isset($_POST["username"], $_POST["password"])) 
    {     
 $username = $_POST["username"]; 
 $password = $_POST["password"]; 
 $query = mysql_query("SELECT username, password FROM admin WHERE username = '".$username."' AND  password = '".$password."'");
 $result=$connect->query($query);
        if(mysql_num_rows($result) > 0 )
        { 
            $_SESSION["logged_in"] = true; 
            $_SESSION["username"] = $name; 
        }
        else
        {
            echo 'The username or password are incorrect!';
        }
}

edited May 15 '19 at 05:13

answered May 15 '19 at 04:56

PHP Geek

3,949
1
16
32

does not work sir, do you think it is on the script code? – May 15 '19 at 05:05

daremachine · Answer 2 · 2019-05-15T06:26:04.153

-1

FOR MINUS POINTS This is a solution to the problem that the OP also had. Please see main thread comments. Thank you.

Just wrap your POST value into md5 function.

$password = md5(mysqli_real_escape_string($connect, $_POST["password"]));

OR can try use MD5 in database.

$query = "SELECT * FROM admin WHERE username = '".$username."' AND password = MD5('".$password."') ";

Then password hash should be equal to database hash.

edited May 15 '19 at 06:26

answered May 15 '19 at 04:44

daremachine

2,678
2
23
34

i tried it sir but as I also tried inserting password with no hash into my table.. it also didnt work but thumbs up for your idea. – May 15 '19 at 04:48
I updated answer. – daremachine May 15 '19 at 04:57
it still does not work here is the query looks like `0SELECT * FROM admin WHERE username = 'admin' AND password = MD5('202cb962ac59075b964b07152d234b70')` – May 15 '19 at 05:04
or is it in the script code??? do you think the problem is on the script code? – May 15 '19 at 05:05
no you create hash twice.. use first php approach OR second by db query. You create hash from hash now. – daremachine May 15 '19 at 05:06

Alok Mali · Accepted Answer · 2019-05-15T06:09:02.340

-1

I think your condition is wrong in the client end script. If username and password matched then it will return value which is greater than 0 . In that case, your code should be

success:function(data)
  {
    console.log(data);
    if(data == 0)
    {
      $('#availability').html('<span class="text-danger">Username and Password not Match</span>');
      $('#register').attr("disabled", true);
    } 
    else
    {
      $('#availability').html('<span class="text-success">Username and Password Available</span>');
      $('#register').attr("disabled", false);
    }
   }

edited May 15 '19 at 06:09

answered May 15 '19 at 05:59

Alok Mali

2,821
2
16
32

1

i have tried that a while ago.. but IDK why it worked ! thanks man it is amazing – May 15 '19 at 06:09

Match Username and Password that is fetched in database - Jquery

3 Answers3