Clever Geek Handbook

Nodejs account using mysql and html

I got this simple code from a tutorial for a sample login form to determine if the user and password are in my database for user registration or not. this code can detect email if exists, but not password.
what is wrong here?

var express = require('express');
var app = express();
var  server = require('http').createServer(app);
bodyParser = require('body-parser');
var mysql = require('mysql');
var connection = mysql.createConnection({
      host: 'localhost',
      database: 'chmult',
      user: 'root',
      password: '',
    });
users = [];
connections = [];


app.get('/', function(req, res){
    res.sendFile(__dirname + '/');

});



app.use(bodyParser.urlencoded({
    extended: true
}));

/**bodyParser.json(options)
 * Parses the text as JSON and exposes the resulting object on req.body.
 */
app.use(bodyParser.json());
connection.connect();


app.post('/', function(req, res){




var username= req.body.user.username;
var password = req.body.user.password;
connection.query('SELECT * FROM tesko WHERE username = ?',[username], function (error, results, fields) {
if (error) {
  // console.log("error ocurred",error);
  res.send({
    "code":400,
    "failed":"error ocurred"
  })
}else{
  // console.log('The solution is: ', results);
  if(results.length >0){
    if([0].password == password){
      res.send({
        "code":200,
        "success":"login sucessfull"
          });
    }
    else{
      res.send({
        "code":204,
        "success":"Email and password does not match"
          });
    }
  }
  else{
    res.send({
      "code":204,
      "success":"Email does not exits"
        });
  }
}
});




});




app.listen(3231);
console.log('Example app listening at port:3231');

my html forms

<form method="post" action="">
    <input type="text" name="user[username]">
    <input type="text" name="user[password]">

    <input type="submit" value="Submit">
</form>
</html>

Column names in my table (username, password). Both are varchar and I tried using a different table with md5. The password could not be found.

+3


source to share


1 answer


this bit of code looks suspicious:

if(results.length >0){
  if([0].password == password){
  res.send({
    "code":200,
    "success":"login sucessfull"
      });
}


in particular [0].password

I expect it to be undefined.

[0] is an array literal here, not an index into the array. You probably want the results of [0] .password, judging by the line before it.

+1


source






More articles:


All Articles