What would be the syntax of this line?

Mancent · October 2, 2010

<?php
ob_start();
include "connect.php";



// Define $myusername and $mypassword 
$username=$_POST['username']; 
$password=$_POST['password']; 

// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

$sql="SELECT * FROM accounts WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("username");
session_register("password"); 
echo "&msgText=Entrance Granted!\n";
}
else
{
echo "&msgText=Invalid Login!\n";
}
return false;
ob_end_flush();
?>

this line right here what would the URL be to work correctly

$sql="SELECT * FROM accounts WHERE username='$username' and password='$password'";

if this line means this

$sql="SELECT * FROM accounts WHERE username='$username'";

http://wiistream.net/flash.login.php?username=Mytest

= echo "&msgText=Entrance Granted!\n";

see i dont know is it

http://wiistream.net/flash.login.php?username=Mytest&password=123456

I cant seem to login with a URL code because I dont know what it is?

joel24 · October 2, 2010

you're trying to collect the sent information with $_POST when they are being sent via the URL - $_GET.

You should not pass usernames and passwords through the URL, post these from the login form.

Sign In

What would be the syntax of this line?

Recommended Posts

Mancent

Link to comment

Share on other sites

joel24

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information