dual_alliance Posted July 22, 2006 Share Posted July 22, 2006 I have the following code:[code]<?php session_start(); header("Cache-control: private"); // Get MySQL Database information include('db.php');// Make variables from the form $Username = $_POST['userName']; $Password = $_POST['passWord'];// Remove HTML (if any) $Username = strip_tags("$Username"); $Password = strip_tags("$Password");// Remove escaped characters (if any) $Username = stripslashes("$Usermame"); $Password = stripslashes("$Password");// Connect to server and select database. mysql_connect("$dbHost", "$dbUserName", "$dbPassWord")or die("Cannot connect to server!"); mysql_select_db("$dbName")or die("Cannot select Database!");// Does the user exist? $sql_user_check = 'SELECT * FROM users WHERE username="$Username"'; $result_name_check = mysql_query($sql_user_check); $usersfound = mysql_num_rows($result_name_check); // If the user doesn't exist, create error if ($usersfound < 1) { $error = "User $Username not found.";// If the user does exist, continue with processing }else{// Check if the passwords match $sql_pass_get = 'SELECT * FROM users WHERE username="$Username"'; $user_info = mysql_fetch_array(mysql_query($sql_pass_get)); $encryptpass = $user_info['password']; // If it doesn't match, note that and end if ($encryptpass != md5($PassWord)) { $error = "Invalid password. Try again.";// If it does match, let in and pass on info to session variables }else{ $_SESSION['userid'] = $user_info['userid']; $_SESSION['username'] = $user_info['username']; $_SESSION['password'] = $user_info['password']; } } if (!$_SESSION['username']) { echo "$error"; }else{ include('admin.php'); }?>[/code]On index.php (login) l enter the username l entered into the MySQL database and it says user not found... I have gone into the MySQL database using phpmyadmin and the username is there. So what is going on?Thanks,dual_alliance Link to comment https://forums.phpfreaks.com/topic/15306-user-not-found/ Share on other sites More sharing options...
Joe Haley Posted July 22, 2006 Share Posted July 22, 2006 $sql_user_check = 'SELECT * FROM users WHERE username="$Username"';$username is taken as literal, as its in single quotes on the PHP-leveltry$sql_user_check = "SELECT * FROM users WHERE username=\"$Username\""; Link to comment https://forums.phpfreaks.com/topic/15306-user-not-found/#findComment-61936 Share on other sites More sharing options...
dual_alliance Posted July 22, 2006 Author Share Posted July 22, 2006 Thanks that worked ;D Link to comment https://forums.phpfreaks.com/topic/15306-user-not-found/#findComment-61937 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.