Matar Posted January 6, 2007 Share Posted January 6, 2007 hi all i make a login script but i have a problemwhen i login with my user and password the script show me invalid login but my login info is corret !!!!this is the code ****<?phpif(!isset($user)||!isset($pass)){echo "error1";}elseif(empty($user)||empty($pass)){echo "error2";}else{$user = ($_POST['user']);$pass = ($_POST['pass']);$con = mysql_connect("localhost");mysql_select_db("log", $con);$sql = mysql_query("select * from info where username = '$user' AND password = '$pass'",$con);$row = mysql_num_rows($sql);if($row > 0){ while($row = mysql_fetch_array($sql)){ session_start(); session_register('user'); echo "welecom $user <br />";} } else{ echo "Incorrect Login";}}?> Link to comment Share on other sites More sharing options...
Executer Posted January 6, 2007 Share Posted January 6, 2007 You are not using mysql_connect function correctly!And 1 more question: Why'd you put $_POST in (..), only if you were using any kind of security it should go like:htmlspecialchars($_POST['username']);You don't need the (..) in there. Link to comment Share on other sites More sharing options...
Matar Posted January 6, 2007 Author Share Posted January 6, 2007 hi this script is simple example ... i don't care about mysql_connect parmeterbecause i work on local host The problem is when i using where cluse when i edit select statement to "select * from info " it is work , but when i using where the script work as empty table although i fill it with users data . Link to comment Share on other sites More sharing options...
Executer Posted January 6, 2007 Share Posted January 6, 2007 but you must to work with mysql_connect(); correctly: mysql_connect("localhost", "root", ""); Link to comment Share on other sites More sharing options...
Little Goat Posted January 6, 2007 Share Posted January 6, 2007 you must supply a username and password to connect to the MySQL server. You should have been asked for these when you set up the server.and $user = ($_POST['user']); should be $user = $_POST['user']; without the parentheses.and one more thing. do you even have your login info in the DB? make sure you do. Link to comment Share on other sites More sharing options...
Executer Posted January 6, 2007 Share Posted January 6, 2007 He uses localhost, I guess his username is 'root' and he doesn't have any password. Link to comment Share on other sites More sharing options...
Little Goat Posted January 6, 2007 Share Posted January 6, 2007 yeah, that is the default. If you change it during the installation, you need to put that in. Link to comment Share on other sites More sharing options...
Matar Posted January 7, 2007 Author Share Posted January 7, 2007 hi all thank you for replay i make all thing you said and the problem is still the code ***<?phpif(!isset($user)||!isset($pass)){echo "error1";}elseif(empty($user)||empty($pass)){echo "error2";}else{$user = $_POST['user'];$pass = $_POST['pass'];$con = mysql_connect("localhost","root","");mysql_select_db("log", $con);$sql = mysql_query("select * from info where username = '$user' AND password = '$pass'",$con);$row = mysql_num_rows($sql);if($row > 0){ while($row = mysql_fetch_array($sql)){ session_start(); session_register('user'); echo "welecom $user <br />";} } else{ echo "Incorrect Login";}}?>****can any one copy and paste this script and try it db name is logtable name is info the field in the database username char(20)password char(20) ******i was try this code without "where" and its work like this select * from info but when is user select * from info where user = '$user' and password = '$pass' not work **** thank u all matar Link to comment Share on other sites More sharing options...
mandaksk Posted January 7, 2007 Share Posted January 7, 2007 You are checking the $user and $pass without assigning any values to them in condition 1, and 2. Put these lines before and outside the conditions.<?php$user = $_POST['user'];$pass = $_POST['pass'];if(!isset($user)||!isset($pass)){echo "error1";.....?> Link to comment Share on other sites More sharing options...
justsomeguy Posted January 8, 2007 Share Posted January 8, 2007 Add these lines at the top:ini_set("display_errors", 1);error_reporting(E_ALL);And change this:$con = mysql_connect("localhost","root","");mysql_select_db("log", $con);$sql = mysql_query("select * from info where username = '$user' AND password = '$pass'",$con);to this:$con = mysql_connect("localhost","root","") or echo mysql_error();mysql_select_db("log", $con) or echo mysql_error();$sql = mysql_query("select * from info where username = '$user' AND password = '$pass'",$con) or echo mysql_error(); Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now