Shoutout to the YouTube user "mmtuts" because this is basically a copy from his tutorial (at least I learned something) (https://www.youtube.com/watch?v=LC9GaXkdxF8).
This is my first attempt for a website with a login system.
TL;DR: I ran into the problem where not even the correct passwords work with any user (aparently the user is accepted since I had the error "wronguser" aka user not found in the database but then I found my mistakes).
I am running my database using MySQL and Apache (using XAMPP). I've tried to rewrite all the names on the database and the main PHP index where the website is with the login inputs on a modal.
mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($result)) {
$pwdCheck = password_verify($password, $row['Password']); <!-- CHECKS IF INSERTED PASSWORD = DATABASE PASSWORD FOR INSERTED USER -->
if ($pwdCheck == false) { <!-- IF PASSWORD DOESN'T MATCH WITH DATABASE PASSWORD FOR INSERTED USER THEN GO TO THIS "WRONG PASSWORD" ERROR PAGE (KEEPS GOING TO THIS PAGE) -->
header("Location: ../index.php?error=password_errada1");
exit();
}
else if($pwdCheck == true) { <!-- IF THE PASSWORD IS CORRECT THEN OPEN SESSION FOR THE INSERTED USER -->
session_start();
$_SESSION['userId'] = $row['idAluno'];
$_SESSION['userUid'] = $row['NumeroAluno'];
$_SESSION['userPrimeiroNome'] = $row['PrimeiroNome'];
$_SESSION['userUltimoNome'] = $row['UltimoNome'];
$_SESSION['userAno'] = $row['Ano'];
$_SESSION['userTurma'] = $row['Turma'];
$_SESSION['userRequisitou'] = $row['Requisitou'];
header("Location: ../index.php?login=login_sucesso");
exit();
}
Looked for answers and tried to fix it for at least 1 hour now. Sorry if my post is going against any rules that I might not know about. I am so done because I know stuff like this it's always a dumb mistake.
EDIT 1: I can provide more code if wanted.
$servername = "localhost";
$dBUsername = "root";
$dBPassword = "";
$dBName = "loginsystem";
$conn = mysqli_connect($servername, $dBUsername, $dBPassword, $dBName);
if (!$conn) {
die("Erro de conexão: ".mysqli_connect_error());
}
dbStructure Code:
CREATE TABLE alunos
(
idAluno
int(11) NOT NULL,
NumeroAluno
varchar(7) NOT NULL,
Password
varchar(50) NOT NULL,
Email
varchar(50) NOT NULL,
PrimeiroNome
varchar(25) NOT NULL,
UltimoNome
varchar(25) NOT NULL,
Ano
int(2) NOT NULL,
Turma
varchar(8) NOT NULL,
Requisitou
int(1) NOT NULL DEFAULT '0'
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
</div>