login module

[escassie^^]

hello! im freakin out.. need to finished my login page. my code is so simple with error trapping but its not working. i guess my if-else statement is incorrect. could you help me with the codes?

 

reqt:

1.) check if the fields where filled in

2.) check if the username entered is in the database

3.) check if the password typed is incorrect

4.) SESSIONS - to register the username in the entire session.

 

thanks!

[corbin]

Can we see what code you do have?

[escassie^^]

Can we see what code you do have?

 

 

<?php

require("db_connect.php");

 

if (isset($_POST['submit'])) { // if form has been submitted

 

$user = addslashes($_POST['username']);

$pass = md5($_POST['password']);

 

// makes sure they filled it in

if($user == "" | $pass == "") {

$alert = "Incomplete fields.";

}

// checks it against the database

$check = mysql_query("SELECT * FROM user WHERE username = '".$user."' AND pass = '".$pass."'");

 

//Gives error if user doesn't exist

$check2 = mysql_num_rows($check);

if ($check2 == 0) {

$alert = "Username not in the database.";

}

 

$info = mysql_fetch_array( $check );

 

$p = stripslashes($pass);

$info['pass'] = stripslashes($info['pass']);

 

if ($pass != $info['pass'])

{

$alert = "Incorrect Password.";

} else {

 

// if login is ok then we add a cookie

session_start();

session_register('username');

 

 

//then redirect them to the member area

header("Location: profile.php");

 

}

}

 

 

 

?>

 

 

-> the problem with this is i already trimmed down everything that complicates my code. now it all outputs the alert message "Incorrect Password".