Hey,
So I have a couple of files, and I'm trying to create a login script. There is a MySQL query that accesses a database with a list of usernames and passwords. I have a feeling something is wrong with my SQL query, because it's not working correctly.
<?php
$connect = mysql_connect("localhost", "root", "root");
if(!$connect){//If user can't connect to database
die('Could not connect: ' . mysql_error()); //Throw an error
}
mysql_select_db("colin_db", $connect);
//Get given username and password from username field and password field
$givenUsername = $_POST["usernameField"];
$givenPassword = $_POST["passwordField"];
$myQuery = "SELECT * FROM ADMINS
WHERE USERNAME = $givenUsername
AND PASSWORD = $givenPassword";
$queryResult = mysql_query($myQuery);
$numRows = mysql_num_rows($queryResult);
if($numRows == 1){ //If the details are correct...
//Reload the page and login
echo "<script type = 'text/javascript'> window.location.reload() </script>";
echo "Details correct";
}
elseif($numRows == 0){ //Else if the details are not found
//Display error accordingly
echo "Details not correct!"; //This is what happens every time
}
mysql_close($connect);
?>
The database is configured correctly, but I'm not sure how to correctly create a SQL query to determine if the given username and password are correct. In case you'd like to see it, the segment from the index.php file is below.
<form action = "login.php" method = "POST">
Admin Login: <br>
Username: <input type = "text" name = "usernameField"/><br> <!-- Password field-->
Password: <input type = "password" name = "passwordField"/><br> <!-- Username field -->
<input type = "submit" value = "Login" name = "submitButton"/> <!-- Login button -->
</form>
Any ideas?
Thanks,
Jake