May I know how come my code can't work. I've check a few times. It doesn't have any Error Message. Please Help, people...
<?php
if(isset($_POST["loginid"])
{
$passwordvar = $_POST["password"];
$loginidvar = $_POST["loginid"];
//connects to MSSQL
mssql_connect('172.20.129.172','sa','scs');
$sql = "SELECT name_db FROM tb_Login WHERE username = '"+$loginidvar+"' and password='"+$passwordvar+"'";
$result = mssql_db_query ("tb_Login",$sql);
$row = mssql_fetch_array($result);
$myRows = mssql_num_rows($sql);
if ($myRows == 0) {
die ('That user does not exist in our database.');
}
while($info = mssql_fetch_array( $sql ))
{
$_POST['passwordvar'] = stripslashes($_POST['passwordvar']);
$info['password'] = stripslashes($info['password']);
$_POST['passvar'] = md5($_POST['passvar']);
//give error if password is wrong
if ($_POST['passwordvar'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{
// if login is ok then we add a cookie
$_POST['loginid'] = stripslashes($_POST['loginid']);
$hour = time() + 3600;
setcookie(loginid, $_POST['loginid'], $hour);
setcookie(password, $_POST['password'], $hour);
//then redirect them to the members area
header("Location: frameset.html");
}
}
} else {
// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>