Erro when i try to connect mysql database to corona

Hi im trying to do the Rob’s Miracle tuto, but have a little problem when i try to connect mysql with php,

what that error means?

RESPONSE: <“result”:403,“message”:“Forbidden”>

im using hostinger this is my code

loginScreen.lua 

local mime = require("mime") local json = require("json") local widget = require("widget") local font = system.nativeFont local userid = nil local password = nil local URL = nil local background = display.newRect(0,0,\_W,\_H) background:setFillColor(100,100,100); local loginScreen = display.newGroup() loginScreen:insert(background) local labelHeadline = display.newText(loginScreen, " Member Login",0,0,font,34) labelHeadline:setReferencePoint(display.CenterLeftReferencePoint) labelHeadline.x = \_W \* 0.5 - 140 labelHeadline.y = 70 loginScreen:insert(labelHeadline) local labelUsername = display.newText(loginScreen,"Username", 0,0,font, 18) labelUsername:setReferencePoint(display.CenterLeftReferencePoint) labelUsername.x = \_W \* 0.5 - 128 labelUsername.y = 120 loginScreen:insert(labelUsername) local labelPassword = display.newText(loginScreen,"Password", 0,0,font,18) labelPassword:setReferencePoint(display.CenterLeftReferencePoint) labelPassword.x = \_W \* 0.5 -128 labelPassword.y = 185 loginScreen:insert(labelPassword) local labelReturnStatus = display.newText(loginScreen,"", 0,0,font,14) labelReturnStatus:setReferencePoint(display.CenterLeftReferencePoint) --labelReturnStatus:setTextColor(180, 180, 180) labelReturnStatus.x = \_W \* 0.5 - 5 labelReturnStatus.y = 310 loginScreen:insert(labelReturnStatus) local frmUsername = native.newTextField(0, 0, \_W\*0.8, 30) frmUsername.inputType = "default" frmUsername.font = native.newFont(font, 18) frmUsername.hasBackground = true frmUsername.isEditable = true frmUsername.align = "left" frmUsername:setReferencePoint(display.TopCenterReferencePoint) frmUsername.x = \_W \* 0.5 frmUsername.y = 135 frmUsername.text = '' loginScreen:insert(frmUsername) function frmUsername:userInput(event)   if(event.phase == "began") then   print("Began frmUsername"..' '.. event.target.text)   event.target.text = '' elseif(event.phase == "editing") then   print("Editing frmUsername" ..' '.. event.target.text)   elseif(event.phase == "ended") then   print("Ended frmUsername" ..' '.. event.target.text)   elseif(event.phase == "submitted") then      native.setKeyboardFocus(frmUsername)   print("Submitted frmUsername"..' '.. event.target.text)   end   end   frmUsername:addEventListener("userInput",frmUsername)      local frmPassword = native.newTextField(0, 0, \_W\*0.8, 30) frmPassword.inputType = "default" frmPassword.font = native.newFont(font, 18) frmPassword.hasBackground = true frmPassword.isEditable = true frmPassword.align = "left" frmPassword:setReferencePoint(display.TopCenterReferencePoint) frmPassword.x = \_W \* 0.5 frmPassword.y = 200 frmPassword.text = '' loginScreen:insert(frmPassword) function frmPassword:userInput(event)   if(event.phase == "began") then   print("Began Password"..' '.. event.target.text)   event.target.text = '' elseif(event.phase == "editing") then   print("Editing Password"..' '.. event.target.text)   elseif(event.phase == "ended") then   print("Ended Password"..' '.. event.target.text)   elseif(event.phase == "submitted") then   print("Submitted Password"..' '.. event.target.text)   end   end   frmPassword:addEventListener("userInput",frmPassword)      local function loginCallback(event)      if(event.isError) then    print("Network Error!");   else         print("RESPONSE: " .. event.response) local data = json.decode(event.response) if data.result == 200 then   print("lo hizo")   print("Welcome back", data.firstname:gsub("^%1", string.upper))   labelReturnStatus.text = "Welcome back"..data.firstname:gsub("^%1", string.upper)    else    print("Please try again") labelReturnStatus.text = "Please try again" end     end return true; end function background:tap(event)    native.setKeyboardFocus(nil) end background:addEventListener("tap",background) local function btnOnPressHandler(event)   local userid = frmUsername.text   local password = frmPassword.text      print(userid)   print(password)      if(userid == '' or password == '') then     labelReturnStatus.text = 'A username or password is required.' return end local URL = "http://mantixd.hol.es/json.php?userid=".. mime.b64(userid) .."&password=".. mime.b64(password); print(URL) network.request(URL, "GET", loginCallback) end local function btnOnDragHandler(event) end local function btnOnReleaseHandler(event) end local btn = widget.newButton({ id = "Login Button", lefit = 30, top = 250, label = "Login", width = 256, height = 36, font = font, fontsize = 18, labelColor = {   default = {0,0,0},   over = {255,255,255} }, defaultColor = {201,107,61}, overColor = {219,146,85}, onPress = btnOnPressHandler, onDrag = btnOnDragHandler, onRelease = btnOnReleaseHandler })   loginScreen:insert(btn)

json.php

\<?php define("DB\_DSN",'u280708021\_test'); define("DB\_HOST",'mysql.hostinger.es'); define("DB\_USER",'u280708021\_manti'); define("DB\_PASS",'\*\*\*\*'); // Connecting, selecting database $link = mysql\_connect(DB\_HOST, DB\_USER, DB\_PASS) or die('Could not connect: ' . mysql\_error()); mysql\_select\_db(DB\_DSN) or die('Could not select database'); if(isset($\_GET)) { $userid = base64\_decode($\_GET["userid"]); $password = base64\_decode($\_GET["password"]); $query = 'SELECT \* FROM players WHERE userid="' . mysql\_real\_escape\_string($userid) . '"' ; $dbresult = mysql\_query($query, $link); if (!$dbresult) { //echo "query failed"; $result = array(); $result["result"] = 403; $result["message"] = mysql\_error(); echo json\_encode($result); mysql\_free\_result($dbresult); exit; } $player = mysql\_fetch\_array($dbresult, MYSQL\_ASSOC); if (strcmp($player["password"],md5($password)) == 0) { $result = array(); $result["result"] = 200; $result["message"] = "Success"; $result["userid"] = $player["userid"]; $result["firstname"] = $player["firstname"]; $result["lastname"] = $player["lastname"]; $query = sprintf("UPDATE players SET lastname='padilla' WHERE id=%s;", $player["id"]); $uresult = mysql\_query($query, $link); if ($uresult) { //code if your update failed. Doesn't really impact what we are doing. so do nothing. } echo json\_encode($result); } else { //echo "password mismatch"; $result = array(); $result["result"] = 403; $result["message"] = "Forbidden"; echo json\_encode($result); } } else { $result = array(); $result["result"] = 400; $result["message"] = "Bad Request"; echo json\_encode($result); } exit; ?\>

somebody can help me please?

Thank you 

Because your code is not indented properly, I can’t tell what “else” block that forbidden belongs to, but I suspect it’s a username/password mismatch.  Make sure you’re credentials are being handled correctly.

Rob

Hello Rob thank you for helping me i don’t understand what you mean, can you give me an example of what you mean?

thank u

It’s really simple.  Most modern languages like Lua and PHP are built on “blocks”  like a function that has a beginning and and end.  There are if - then - else statements that have code inside the blocks defined by the if-then-else code.  You can have function inside if’s if’s inside if’s and so on.  It is the industry standard to indent the code inside a block so you can easily see where each block begins and ends.   For instance in lua:

if a == 10 then     print(a) end

See how the print statement is shifted (Indented) to the right by 4 spaces?  This lets you see that the end goes with the if and the print is what’s contained with in.   The code you posted is PHP which uses curly braces to mark the beginning and end of each block.  That code has a series of nested if statements (if statements inside of other if statements).  It’s critical for your sanity and to get people to help you that you indent your code correctly.

if(isset($\_GET)) { $userid = base64\_decode($\_GET["userid"]); $password = base64\_decode($\_GET["password"]); $query = 'SELECT \* FROM players WHERE userid="' . mysql\_real\_escape\_string($userid) . '"' ; $dbresult = mysql\_query($query, $link); if (!$dbresult) { //echo "query failed"; $result = array(); $result["result"] = 403; $result["message"] = mysql\_error(); echo json\_encode($result); mysql\_free\_result($dbresult); exit; } $player = mysql\_fetch\_array($dbresult, MYSQL\_ASSOC); if (strcmp($player["password"],md5($password)) == 0) { $result = array(); $result["result"] = 200; $result["message"] = "Success"; $result["userid"] = $player["userid"]; $result["firstname"] = $player["firstname"]; $result["lastname"] = $player["lastname"]; $query = sprintf("UPDATE players SET lastname='padilla' WHERE id=%s;", $player["id"]); $uresult = mysql\_query($query, $link); if ($uresult) { //code if your update failed. Doesn't really impact what we are doing. so do nothing. } echo json\_encode($result); } else { //echo "password mismatch"; $result = array(); $result["result"] = 403; $result["message"] = "Forbidden"; echo json\_encode($result); } } else { $result = array(); $result["result"] = 400; $result["message"] = "Bad Request"; echo json\_encode($result); }

i just check your page : http://omnigeek.robmiracle.com/2012/04/15/using-corona-sdk-with-rest-api-services/

i copy the php code and adapt it to my code but i still having the same error

\<?php define("DB\_DSN",'infinityspace'); define("DB\_HOST",'localhost'); define("DB\_USER",'root'); define("DB\_PASS",'\*\*\*\*'); $link = mysql\_connect(DB\_HOST, DB\_USER, DB\_PASS) or die('Could not connect: ' . mysql\_error()); mysql\_select\_db(DB\_DSN) or die('Could not select database'); if(isset($\_GET)) { $userid = base64\_decode($\_GET["userid"]); $password = base64\_decode($\_GET["password"]); $query = 'SELECT \* FROM players WHERE userid="' . mysql\_real\_escape\_string($userid) . '"'; $dbresult = mysql\_query($query, $link); if (!$dbresult) { $result = array(); $result["result"] = 403; $result["message"] = mysql\_error(); echo json\_encode($result); mysql\_free\_result($dbresult); exit; } $player = mysql\_fetch\_array($dbresult, MYSQL\_ASSOC); if (strcmp($player["password"],md5($password)) == 0) { $result = array(); $result["result"] = 200; $result["message"] = "Success"; $result["userid"] = $player["userid"]; $result["firstname"] = $player["firstname"]; $result["lastname"] = $player["lastname"]; $query = sprintf("UPDATE players SET lastlogin=NOW() WHERE id=%s;", $player["id"]); $uresult = mysql\_query($query, $link); if ($uresult){ //code if your update failed. Doesn't really impact what we are doing. so do nothing. } echo json\_encode($result); } else { $result = array(); $result["result"] = 403; $result["message"] = "Forbidden"; echo json\_encode($result); } } else { $result = array(); $result["result"] = 400; $result["message"] = "Bad Request"; echo json\_encode($result); } exit; ?\>

i hope you can help me i don’t know what is wrong

Looks like the forums are not handling PHP code very well.

Basically the error says that your password doesn’t match what’s in the database.

This system takes your password then base64 encodes it so it’s not obvious when transmitting it.  Your PHP script then base64 decodes it back to clear text.  It then creates an MD5 hash of the password, a one way encryption.  It reads the password from the database which should already be MD5 encoded and compares the two.  If they don’t match, you will get the 403 error.

I can’t see what’s in your database.  I can’t see how you’re encoding your password from your App.

You can also get the 403 error if the userid isn’t in the database.

This is my database im using phpmyadmin on XAMPP server using localhost

and my code on the application is this:

local mime = require("mime") local json = require("json") local widget = require("widget") local font = "HelveticaNeue" or system.nativeFont local userid = nil local password = nil local URL = nil local background = display.newRect(0,0,\_W,\_H) background:setFillColor(100,100,100); local loginScreen = display.newGroup() loginScreen:insert(background) local labelHeadline = display.newText(loginScreen, " Member Login",0,0,font,34) labelHeadline:setReferencePoint(display.CenterLeftReferencePoint) labelHeadline.x = \_W \* 0.5 - 140 labelHeadline.y = 70 loginScreen:insert(labelHeadline) local labelUsername = display.newText(loginScreen,"Username", 0,0,font, 18) labelUsername:setReferencePoint(display.CenterLeftReferencePoint) labelUsername.x = \_W \* 0.5 - 128 labelUsername.y = 120 loginScreen:insert(labelUsername) local labelPassword = display.newText(loginScreen,"Password", 0,0,font,18) labelPassword:setReferencePoint(display.CenterLeftReferencePoint) labelPassword.x = \_W \* 0.5 -128 labelPassword.y = 185 loginScreen:insert(labelPassword) local labelReturnStatus = display.newText(loginScreen,"", 0,0,font,14) labelReturnStatus:setReferencePoint(display.CenterLeftReferencePoint) labelReturnStatus:setFillColor(180, 180, 180) labelReturnStatus.x = \_W \* 0.5 - 5 labelReturnStatus.y = 310 loginScreen:insert(labelReturnStatus) local frmUsername = native.newTextField(0, 0, \_W\*0.8, 30) frmUsername.inputType = "default" frmUsername.font = native.newFont(font, 18) frmUsername.hasBackground = true frmUsername.isEditable = true frmUsername.align = "left" frmUsername:setReferencePoint(display.TopCenterReferencePoint) frmUsername.x = \_W \* 0.5 frmUsername.y = 135 loginScreen:insert(frmUsername) function frmUsername:userInput(event) if(event.phase == "began") then print("Began frmUsername"..' '.. event.target.text) event.target.text = '' elseif(event.phase == "editing") then print("Editing frmUsername" ..' '.. event.target.text) elseif(event.phase == "ended") then print("Ended frmUsername" ..' '.. event.target.text) elseif(event.phase == "submitted") then native.setKeyboardFocus(frmUsername) print("Submitted frmUsername"..' '.. event.target.text) end end frmUsername:addEventListener("userInput",frmUsername) local frmPassword = native.newTextField(0, 0, \_W\*0.8, 30) frmPassword.inputType = "default" frmPassword.font = native.newFont(font, 18) frmPassword.hasBackground = true frmPassword.isEditable = true frmPassword.align = "left" frmPassword:setReferencePoint(display.TopCenterReferencePoint) frmPassword.x = \_W \* 0.5 frmPassword.y = 200 loginScreen:insert(frmPassword) function frmPassword:userInput(event) if(event.phase == "began") then print("Began Password"..' '.. event.target.text) event.target.text = '' elseif(event.phase == "editing") then print("Editing Password"..' '.. event.target.text) elseif(event.phase == "ended") then print("Ended Password"..' '.. event.target.text) elseif(event.phase == "submitted") then print("Submitted Password"..' '.. event.target.text) end end frmPassword:addEventListener("userInput",frmPassword) local function loginCallback(event) -- perform basic error handling if ( event.isError ) then print( "Network error!") else -- return a response code print ( "RESPONSE: " .. event.response ) local data = json.decode(event.response) -- display a result to the user if data.result == 200 then -- player logged in okay, display welcome message print("Welcome back",data.firstname:gsub("^%l", string.upper)) else -- bad password, or player not found. Prompt user to login again print("Please try again") end end return true end function background:tap(event) native.setKeyboardFocus(nil) end background:addEventListener("tap",background) local function btnOnPressHandler(event) local userid = frmUsername.text local password = frmPassword.text print(userid) print(password) if(userid == '' or password == '') then labelReturnStatus.text = 'A username or password is required.' return end local URL = "http://127.0.0.1/json.php?userid=".. mime.b64(userid) .."&password=".. mime.b64(password) print(URL) network.request(URL, "GET", loginCallback) end local function btnOnDragHandler(event) end local function btnOnReleaseHandler(event) end local btn = widget.newButton({ id = "Login Button", lefit = 30, top = 250, label = "Login", width = 256, height = 36, font = font, fontsize = 18, labelColor = { default = {0,0,0}, over = {255,255,255} }, defaultColor = {201,107,61}, overColor = {219,146,85}, onPress = btnOnPressHandler, onDrag = btnOnDragHandler, onRelease = btnOnReleaseHandler }) loginScreen:insert(btn)

Thank you Rob

You should still use some print and echo statements and print out the values used in the if statements and see what values you are checking.

Rob

Thank you Rob i finally found the my problem, it was in the password missmatch a problem with the md5 hash, i read that is a bad idea to use the md5 on passwords and only quit that line and it works! thank u rob for your help! you are my hero!

this is the article: http://php.net/manual/en/faq.passwords.php

There is no arguing the logic from the web site.  md5() is a simple hashing scheme that a determined hacker with plenty of CPU power can eventually guess if they can get your database.  Clearly adding a salt  and a more expensive to decrypt method is best.  However, the tutorial serves as an example and it works on older versions of PHP where is the code in that PHP document requires a fairly new PHP to use.  md5() is better than clear text passwords.  Can you do better?  Yes you can.

Rob

Because your code is not indented properly, I can’t tell what “else” block that forbidden belongs to, but I suspect it’s a username/password mismatch.  Make sure you’re credentials are being handled correctly.

Rob

Hello Rob thank you for helping me i don’t understand what you mean, can you give me an example of what you mean?

thank u

It’s really simple.  Most modern languages like Lua and PHP are built on “blocks”  like a function that has a beginning and and end.  There are if - then - else statements that have code inside the blocks defined by the if-then-else code.  You can have function inside if’s if’s inside if’s and so on.  It is the industry standard to indent the code inside a block so you can easily see where each block begins and ends.   For instance in lua:

if a == 10 then     print(a) end

See how the print statement is shifted (Indented) to the right by 4 spaces?  This lets you see that the end goes with the if and the print is what’s contained with in.   The code you posted is PHP which uses curly braces to mark the beginning and end of each block.  That code has a series of nested if statements (if statements inside of other if statements).  It’s critical for your sanity and to get people to help you that you indent your code correctly.

if(isset($\_GET)) { $userid = base64\_decode($\_GET["userid"]); $password = base64\_decode($\_GET["password"]); $query = 'SELECT \* FROM players WHERE userid="' . mysql\_real\_escape\_string($userid) . '"' ; $dbresult = mysql\_query($query, $link); if (!$dbresult) { //echo "query failed"; $result = array(); $result["result"] = 403; $result["message"] = mysql\_error(); echo json\_encode($result); mysql\_free\_result($dbresult); exit; } $player = mysql\_fetch\_array($dbresult, MYSQL\_ASSOC); if (strcmp($player["password"],md5($password)) == 0) { $result = array(); $result["result"] = 200; $result["message"] = "Success"; $result["userid"] = $player["userid"]; $result["firstname"] = $player["firstname"]; $result["lastname"] = $player["lastname"]; $query = sprintf("UPDATE players SET lastname='padilla' WHERE id=%s;", $player["id"]); $uresult = mysql\_query($query, $link); if ($uresult) { //code if your update failed. Doesn't really impact what we are doing. so do nothing. } echo json\_encode($result); } else { //echo "password mismatch"; $result = array(); $result["result"] = 403; $result["message"] = "Forbidden"; echo json\_encode($result); } } else { $result = array(); $result["result"] = 400; $result["message"] = "Bad Request"; echo json\_encode($result); }

i just check your page : http://omnigeek.robmiracle.com/2012/04/15/using-corona-sdk-with-rest-api-services/

i copy the php code and adapt it to my code but i still having the same error

\<?php define("DB\_DSN",'infinityspace'); define("DB\_HOST",'localhost'); define("DB\_USER",'root'); define("DB\_PASS",'\*\*\*\*'); $link = mysql\_connect(DB\_HOST, DB\_USER, DB\_PASS) or die('Could not connect: ' . mysql\_error()); mysql\_select\_db(DB\_DSN) or die('Could not select database'); if(isset($\_GET)) { $userid = base64\_decode($\_GET["userid"]); $password = base64\_decode($\_GET["password"]); $query = 'SELECT \* FROM players WHERE userid="' . mysql\_real\_escape\_string($userid) . '"'; $dbresult = mysql\_query($query, $link); if (!$dbresult) { $result = array(); $result["result"] = 403; $result["message"] = mysql\_error(); echo json\_encode($result); mysql\_free\_result($dbresult); exit; } $player = mysql\_fetch\_array($dbresult, MYSQL\_ASSOC); if (strcmp($player["password"],md5($password)) == 0) { $result = array(); $result["result"] = 200; $result["message"] = "Success"; $result["userid"] = $player["userid"]; $result["firstname"] = $player["firstname"]; $result["lastname"] = $player["lastname"]; $query = sprintf("UPDATE players SET lastlogin=NOW() WHERE id=%s;", $player["id"]); $uresult = mysql\_query($query, $link); if ($uresult){ //code if your update failed. Doesn't really impact what we are doing. so do nothing. } echo json\_encode($result); } else { $result = array(); $result["result"] = 403; $result["message"] = "Forbidden"; echo json\_encode($result); } } else { $result = array(); $result["result"] = 400; $result["message"] = "Bad Request"; echo json\_encode($result); } exit; ?\>

i hope you can help me i don’t know what is wrong

Looks like the forums are not handling PHP code very well.

Basically the error says that your password doesn’t match what’s in the database.

This system takes your password then base64 encodes it so it’s not obvious when transmitting it.  Your PHP script then base64 decodes it back to clear text.  It then creates an MD5 hash of the password, a one way encryption.  It reads the password from the database which should already be MD5 encoded and compares the two.  If they don’t match, you will get the 403 error.

I can’t see what’s in your database.  I can’t see how you’re encoding your password from your App.

You can also get the 403 error if the userid isn’t in the database.

This is my database im using phpmyadmin on XAMPP server using localhost

and my code on the application is this:

local mime = require("mime") local json = require("json") local widget = require("widget") local font = "HelveticaNeue" or system.nativeFont local userid = nil local password = nil local URL = nil local background = display.newRect(0,0,\_W,\_H) background:setFillColor(100,100,100); local loginScreen = display.newGroup() loginScreen:insert(background) local labelHeadline = display.newText(loginScreen, " Member Login",0,0,font,34) labelHeadline:setReferencePoint(display.CenterLeftReferencePoint) labelHeadline.x = \_W \* 0.5 - 140 labelHeadline.y = 70 loginScreen:insert(labelHeadline) local labelUsername = display.newText(loginScreen,"Username", 0,0,font, 18) labelUsername:setReferencePoint(display.CenterLeftReferencePoint) labelUsername.x = \_W \* 0.5 - 128 labelUsername.y = 120 loginScreen:insert(labelUsername) local labelPassword = display.newText(loginScreen,"Password", 0,0,font,18) labelPassword:setReferencePoint(display.CenterLeftReferencePoint) labelPassword.x = \_W \* 0.5 -128 labelPassword.y = 185 loginScreen:insert(labelPassword) local labelReturnStatus = display.newText(loginScreen,"", 0,0,font,14) labelReturnStatus:setReferencePoint(display.CenterLeftReferencePoint) labelReturnStatus:setFillColor(180, 180, 180) labelReturnStatus.x = \_W \* 0.5 - 5 labelReturnStatus.y = 310 loginScreen:insert(labelReturnStatus) local frmUsername = native.newTextField(0, 0, \_W\*0.8, 30) frmUsername.inputType = "default" frmUsername.font = native.newFont(font, 18) frmUsername.hasBackground = true frmUsername.isEditable = true frmUsername.align = "left" frmUsername:setReferencePoint(display.TopCenterReferencePoint) frmUsername.x = \_W \* 0.5 frmUsername.y = 135 loginScreen:insert(frmUsername) function frmUsername:userInput(event) if(event.phase == "began") then print("Began frmUsername"..' '.. event.target.text) event.target.text = '' elseif(event.phase == "editing") then print("Editing frmUsername" ..' '.. event.target.text) elseif(event.phase == "ended") then print("Ended frmUsername" ..' '.. event.target.text) elseif(event.phase == "submitted") then native.setKeyboardFocus(frmUsername) print("Submitted frmUsername"..' '.. event.target.text) end end frmUsername:addEventListener("userInput",frmUsername) local frmPassword = native.newTextField(0, 0, \_W\*0.8, 30) frmPassword.inputType = "default" frmPassword.font = native.newFont(font, 18) frmPassword.hasBackground = true frmPassword.isEditable = true frmPassword.align = "left" frmPassword:setReferencePoint(display.TopCenterReferencePoint) frmPassword.x = \_W \* 0.5 frmPassword.y = 200 loginScreen:insert(frmPassword) function frmPassword:userInput(event) if(event.phase == "began") then print("Began Password"..' '.. event.target.text) event.target.text = '' elseif(event.phase == "editing") then print("Editing Password"..' '.. event.target.text) elseif(event.phase == "ended") then print("Ended Password"..' '.. event.target.text) elseif(event.phase == "submitted") then print("Submitted Password"..' '.. event.target.text) end end frmPassword:addEventListener("userInput",frmPassword) local function loginCallback(event) -- perform basic error handling if ( event.isError ) then print( "Network error!") else -- return a response code print ( "RESPONSE: " .. event.response ) local data = json.decode(event.response) -- display a result to the user if data.result == 200 then -- player logged in okay, display welcome message print("Welcome back",data.firstname:gsub("^%l", string.upper)) else -- bad password, or player not found. Prompt user to login again print("Please try again") end end return true end function background:tap(event) native.setKeyboardFocus(nil) end background:addEventListener("tap",background) local function btnOnPressHandler(event) local userid = frmUsername.text local password = frmPassword.text print(userid) print(password) if(userid == '' or password == '') then labelReturnStatus.text = 'A username or password is required.' return end local URL = "http://127.0.0.1/json.php?userid=".. mime.b64(userid) .."&password=".. mime.b64(password) print(URL) network.request(URL, "GET", loginCallback) end local function btnOnDragHandler(event) end local function btnOnReleaseHandler(event) end local btn = widget.newButton({ id = "Login Button", lefit = 30, top = 250, label = "Login", width = 256, height = 36, font = font, fontsize = 18, labelColor = { default = {0,0,0}, over = {255,255,255} }, defaultColor = {201,107,61}, overColor = {219,146,85}, onPress = btnOnPressHandler, onDrag = btnOnDragHandler, onRelease = btnOnReleaseHandler }) loginScreen:insert(btn)

Thank you Rob

You should still use some print and echo statements and print out the values used in the if statements and see what values you are checking.

Rob

Thank you Rob i finally found the my problem, it was in the password missmatch a problem with the md5 hash, i read that is a bad idea to use the md5 on passwords and only quit that line and it works! thank u rob for your help! you are my hero!

this is the article: http://php.net/manual/en/faq.passwords.php

There is no arguing the logic from the web site.  md5() is a simple hashing scheme that a determined hacker with plenty of CPU power can eventually guess if they can get your database.  Clearly adding a salt  and a more expensive to decrypt method is best.  However, the tutorial serves as an example and it works on older versions of PHP where is the code in that PHP document requires a fairly new PHP to use.  md5() is better than clear text passwords.  Can you do better?  Yes you can.

Rob