djp1988 Posted March 11, 2008 Share Posted March 11, 2008 I don't understand where the error is: mysql_connect($dbhost, $dbuser, $dbpass)or die(mysql_error());$username = $_POST[‘username’];$password = md5($_POST[‘password’]);$query = "SELECT * FROM users WHERE username = $username AND password = $password";$result = mysql_query($query);if (mysql_num_rows($result) != 1) {$error = "Bad Login"; include "login.html";} else { $_SESSION['username'] = "$username"; include “memberspage.php”;} Link to comment Share on other sites More sharing options...
Peppe L-G Posted March 11, 2008 Share Posted March 11, 2008 If you use mysql_error() you will get a message that explains the error: mysql_result($sql) or die(mysql_error());The error in your code is that you don't have ' around the values:You have: $query = "SELECT * FROM users WHERE username = $username AND password = $password"; It should be: $query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'"; Note that if the values would be numbers (4, 67, 8754 etc), you wouldn't have to have the ' around. Link to comment Share on other sites More sharing options...
Synook Posted March 12, 2008 Share Posted March 12, 2008 Also, on the bottom-most line bar the }, the quotes are incorrect - they are “smart” quotes added by a word-processing system, which PHP does not understand. Change them to straight " quotes. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.