The error about comparing passwords?

<?php 
session_start();
$_SESSION['message'] = ";

$mysqli = new mysqli('localhost', 'admin', '7777', 'second');

if(isset($_POST['login'])){

 if($_POST['username'] != '' && $_POST['password'] != ''){
 $username = $_POST['username'];
 $password = $_POST['password'];

 $sql = "SELECT username, password FROM accounts";
 $result = $mysqli->query($sql);
 $row = $result->fetch_assoc();

 if($username == $row['username']){
 if($password == $row['password']){
session_start();
 $_SESSION['username'] = $username;
 $_SESSION['password'] = $password;
 header("location: welcome.php");
}else{
 $_SESSION['message'] = 'Password is not correct!';
}
}else{
 $_SESSION['message'] = 'Username is not correct!';
}


}

}

?>
<!DOCTYPE html>
<html>
the <head>
<title>Register</title>
 <meta charset="utf-8">
 <link rel="stylesheet" type="text/css" href="style.css">
</head>
the <body>
 <div class="container">
 <h1>Log in!</h1>
 <form action="login.php" method="post">
 <div class="alert-error"><?= $_SESSION['message']; ?></div>
 <input type="text" name="username" placeholder="User Name..." required/><br/>
 <input type="password" name="password" placeholder="Password..." required/><br/>
 <input type="submit" name="login" class="btn"/>
</form>
 <hr noshade />
 <a href="index.php">Homepage</a>
</div>
</body>
</html>


The sign-up page.
-----------------------------

<?php 
session_start();
$_SESSION['message'] = ";

$mysqli = new mysqli('localhost', 'admin', '7777', 'second');

if($_SERVER['REQUEST_METHOD'] == 'POST'){

 if($_POST['password'] == $_POST['confirmpassword']){

 $username = $mysqli->real_escape_string($_POST['username']);
 $email = $mysqli->real_escape_string($_POST['email']);
 // $password = md5($_POST['password']);
 $password = $mysqli->real_escape_string($_POST['password']);

 $_SESSION['username'] = $username;
 $_SESSION['password'] = $password;

 if( (isset($_POST['username']) === $username) or (isset($_POST['email']) === $email) ){
 $_SESSION['message'] = 'User with such login or email is exists! Try another one!';
}else{
 $sql = "INSERT INTO accounts (username, email, password)"."VALUES ('$username','$email','$password')";
 if($mysqli->query($sql) === true){
 $_SESSION['message'] = 'Registration successful!'; 
 header("location: welcome.php");
}
else{
 $_SESSION['message'] = 'User could not be added to the database';
}
 } 
}
else{
 $_SESSION['message'] = 'Passwords do not match!';
}
}

?>


<!DOCTYPE html>
<html>
the <head>
<title>Register</title>
 <meta charset="utf-8">
 <link rel="stylesheet" type="text/css" href="style.css">
</head>
the <body>
 <div class="container">
 <h1>Create an account!</h1>
 <form action="register.php" method="post">
 <div class="alert-error"><?= $_SESSION['message']; ?></div>
 <input type="text" name="username" placeholder="User Name..." required/><br/>
 <input type="email" name="email" placeholder="Email..." required/><br/>
 <input type="password" name="password" placeholder="Password..." required/><br/>
 <input type="password" name="confirmpassword" placeholder="Confirm Password..." required/><br/>
 <input type="submit" name="register" class="btn"/>
</form>
 <hr noshade />
 <a href="index.php">Homepage</a>
</div>
</body>
</html>


The sign-up page.

When you register, you can register and get your personal account.
But if you exit and try to login will generate an error about incorrect login.
But the first 'id' in the database account, you can go.
What is the error?
March 23rd 20 at 18:47
0 answer

Find more questions by tags MySQLPHP