I'm new to this forum, and PHP in general. So, hello to everyone!
I'm having a problem verifying whether or not my authentication script works. I'm not new to programming...just PHP.
Here it is..
<?php
//check if user is already logged in
if(isset($_session['username']))
{
//init database information
$db_server = "";
$db_user = "";
$db_password = "";
$db_name = "";
//connect to the database
$connection = mysql_connect($db_server, $db_user, $db_password);
if(!$connection)
{
die('Failed to connect: ' . mysql_error());
}
mysql_select_db($db_name, $connection);
//verify login information
$username = $_POST['username'];
$password = $_POST['password'];
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
if($query)
{
$array = mysql_fetch_array($query);
if($_POST['password'] = $array['password'])
{
$_session['username'] = $array['username'];
$_session['email'] = $array['email'];
$_session['user_level'] = $array['user_level'];
$_session['ip'] = $array['ip'];
$_session['date_registered'] = $array['date_registered'];
echo $_session['username'];
}
else
{
echo 'Bad Login Information!';
}
}
else
{
die('Failed to login: ' . mysql_error());
}
}
?>
<form action="auth.php" method="post">
<input name="username" type="text" size="20" maxlength="16">
<input name="password" type="text" size="20" maxlength="20">
<input name="submit" type="submit" value="Submit">
</form>