Problem with an autentification and form

[adicrst]

I want to create a form that will insert some news in a database, but to be restricted only to the owner that his username and pass are saved in the db, i made a small autentification. I have 2 files, autentificare.php and stiri.php-the fileautentificare.php has the purpouse to verify if the dates filled in the log in form are the same with the dates in the db-if the autentification is not made, the user is sent to the stiri.php page but a warning that sais he's not allowed is apearing. If the autentification is made corectly then he is sent to the stiri.php page again but a form for the news is showing on the pageWhat it doesn't work is that the news are not inserted in the database..i have 2 tables:DATE: id | user | pass| codSTIRI: id | titlu | continut | data here are the filesautentificare.php

<?php $con = mysql_connect("localhost","root","");if (!$con)  {	  die ("Conectare esuata!".mysql_error());  }mysql_select_db("pink_maindb",$con);$cod_generat = rand(0,9999);	  mysql_query("UPDATE date SET cod='$cod_generat' WHERE id='1' ");?><html><body>	<form action="stiri.php" method="post">		User: <input type="text" name="user"><br>		Pass: <input type="password" name="pass"><br>		Cod: <input type="text" name="cod" size="5" maxlength="4"> <?php echo "<b> $cod_generat </b><< Introduceti codul afisat !"; ?><br><br>		<input type="submit" value="trimite">	</form></body></html>

and stiri.php

<?php $con = mysql_connect("localhost","root","");if (!$con)  {	  die ("Conectare esuata!".mysql_error());  }mysql_select_db("pink_maindb",$con);$select = mysql_query("SELECT user,pass,cod FROM date where ID=1"); while ($row=mysql_fetch_array($select))  {	  $usere = $row['user']; //usere este userul existent in db	$passe = $row['pass']; //passe este parola existenta in db	$code = $row['cod']; //code este codul existent in db  }if (($usere == $_POST['user']) && ($passe == $_POST['pass']) && ($code == $_POST['cod']))  {	  echo "<Bine ai venit <b>".$_POST['user']."</b>";	echo "Completati urmatorul formular pentru a afisa o stire noua pe site<br><br>		   <form action='' method='post'>		   Titlu: <input type='text' name='titlu'><br>		   Continut: <textarea rows='15' cols='40' name='continut'></textarea><br> 		   <input type='submit' value='trimite'>		   		   </form>";	$data = date("Y-m-d");	   	mysql_query("INSERT INTO stiri(titlu,continut,data) VALUES('$_POST[titlu]','$_POST[continut]','$data')");  }else  echo "Datele furnizate nu sunt corecte !";  ?><a href="autentificare.php">BACK</a>

this part doesn't work because there isn't anything inserted in the db,beside the DATE

if (($usere == $_POST['user']) && ($passe == $_POST['pass']) && ($code == $_POST['cod']))  {	  echo "<Bine ai venit <b>".$_POST['user']."</b>";	echo "Completati urmatorul formular pentru a afisa o stire noua pe site<br><br>		   <form action='trimis.php' method='post'>		   Titlu: <input type='text' name='titlu'><br>		   Continut: <textarea rows='15' cols='40' name='continut'></textarea><br> 		   <input type='submit' value='trimite'>		   		   </form>";	$data = date("Y-m-d");	   	mysql_query("INSERT INTO stiri(titlu,continut,data) VALUES('$_POST[titlu]','$_POST[continut]','$data')");  }

how can i corect it ?

[justsomeguy]

Where do you insert into the date table? Wouldn't it be easier to use the session to store the random code?http://www.php.net/manual/en/ref.session.php

[adicrst]

i don't insert into the date table, because the data will be inserted manually. It's only the owner of the site that has a username and a password.

[justsomeguy]

I'm confused what the problem is, which part are you having problems with?

[adicrst]

it's ok , i managed to figure it out. The problem was in the IF statement, bc i wanted something to b inserted allready in the database right after the form would show up. So i made another IF statement for the database inserting