qqim

the problems seem to be in: a)session_register and related functions which appear to be deprecated b)in session register what is the 'user' supposed to be? c)$password seems to refer to the access to the database (mypassword) and to the visitor's password! d) the other php file has the same deprecated problems and same 'user'

Well, I think we are getting somewhere. I came to the conclusion that you get the message about wrong userbane ab dpassword if they are actually wrong, but get a white page if they are correct. In that case, it looks as if it is working and the problem might be with the login_success.php Are you stll there? qim

This is the part that's been worrying me all day, if I am not changing around the filed names. $sql="SELECT * FROM $tbl_name WHERE user='$user' and password='$password'";$result=mysql_query($sql);

I tried to see again if it worked with the code you asked me to change and this time it went all the way and returned. However, somehow it is not recognizing that the user and password are the same. is it possible to firce the sript to echo the result of

Does this make any diffrence, having just one dot before the forward slash? <form method="post" action="./Pinto/login.php">

I ran the print... but got a "Website cannot display the page". Did you mean placing it here, like this?

I changed and got a white page when I tried. earlier with the old code I used to get the echoes messag about wrong username and password. Tried to put the old code back on but, now I still get white page I've put an echo with your code and it worked up to there, I guess:

Hi I'm going to do that in a mom, but let me add that I placed echos at various places in the code anf they printed out on screen $sql="SELECT * FROM $tbl_name WHERE user='$user' and password='$password'"; $result=mysql_query($sql); echo "So far"; // Mysql_num_row is counting table row $count=mysql_num_rows($result); echo "so good";

...and this is the relevant code in the index.html which is in the root directory at the server The fields in the database table are called 'user' and 'password'

You saved a dying man.... Thanks! I believe some code is a bit out of fashion, but right now all I want is to get it going. Later, I will look at ways of doing changes and making it safer. I expect you will need part of the code in the form, and information on the database. login.php HTML document text <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html> <head> <title> New Document </title> <meta name="Generator" content="EditPlus"> <meta name="Author" content=""> <meta name="Keywords" content=""> <meta name="Description" content=""> </head> <body> <?php$host="localhost"; // Host name $username="pintotou_camilo"; // Mysql username $password="*******"; // Mysql password $db_name="pintotou_agents"; // Database name $tbl_name="Agents"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB");// username and password sent from form $user=$_POST['username']; $password=$_POST['password']; // To protect MySQL injection (more detail about MySQL injection) //$username = stripslashes($username); //$password = stripslashes($password); //$username = mysql_real_escape_string($username); //$password = mysql_real_escape_string($password);$sql="SELECT * FROM $tbl_name WHERE user='$user' and password='$password'"; $result=mysql_query($sql);// Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $user and $password, table row must be 1 rowif($count==1){// Register $username, $password and redirect to file "login_success.php"session_register("user");session_register("password"); header("/Pinto/login_success.php"); } else { echo "Wrong Username or Password, or you have not registered yet.<br> Please, go back and either reenter your login details, or press the register button"; } ?> </body></html>

Hi I'm not sure if I am in right place... I used some online code, adapted it to my site and it does not work!! I think it is a small problem, perhaps of the php file not getting the correct data from the form. Could somebody help me, as I am very new to this business? If affirmative I will paste the relevant code here