ak4744710 Posted April 29, 2013 Share Posted April 29, 2013 I am making a home page that allows the user to sign in to a members only page. I want to set it up to where if they click submit without typing anything it will tell them they must fill in all fields, and if they use an incorrect username or password it will tell them that as well. I am having some trouble figuring out the syntax to make this happen though. I have it to where it will tell them if they leave username and password blank that they must fill in both fields, but it will not tell them when they have entered something incorrect. It will just cycle back to the page and clear what they typed but throws the same error as if they would have not typed anything at all. I have posted my code below with out the error for typing an incorrect username and password because this is the part I am having trouble with. I have tried several different ways and in several different locations in the code. If someone could tell me the proper way to write just this part and the location to put it I would appreciate it greatly. I have been trying several variations of code such as else{ $strMsg="Your username and password do not match our records."; } and using if else statements in different locations of the code but I seem to be so close yet so far. <?php include("config.php"); if ($_POST['username']=="" || $_POST['password']==""){ $strMsg="You must enter your user name and password "; } if($_POST['submit']!=""){ $db=dbConnect(); $SQL="SELECT userID FROM tblusers WHERE username='".$_POST['uName']."'"; $rs=mysql_query($SQL); if(mysql_num_rows($rs)>0 && $rs){ $SQL="SELECT userID FROM tblusers WHERE PASSWORD=PASSWORD ('".$_POST['pWord']."') AND userID=". mysql_result($rs,0,"userID"); //echo $SQL; $rs=mysql_query($SQL); if(mysql_num_rows($rs)>0 && $rs){ header("Location:memberContent.php"); } } } ?> <!-- I am a comment --> <html> <head> <title>Sign in!</title> </head> <body> <p><a href="member_register.php">Sign Up!</a></p> <h1>Please enter your username and password!</h1> <?php echo $strMsg;?> <form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>"> Username: <input type="text" name="uName" /> <br /> Password: <input type="password" name="pWord" /> <br /> <input type="submit" name="submit" value="sign in" /> </form> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/277429-quick-question-on-syntax-of-if-and-if-else-statement/ Share on other sites More sharing options...
Jessica Posted April 29, 2013 Share Posted April 29, 2013 You're using "uName" in some spots and "username" in others. Pick one and stick with it. Quote Link to comment https://forums.phpfreaks.com/topic/277429-quick-question-on-syntax-of-if-and-if-else-statement/#findComment-1427191 Share on other sites More sharing options...
Barand Posted April 29, 2013 Share Posted April 29, 2013 Note: The PASSWORD() function is used by the authentication system in MySQL Server, you should NOT use it in your own applications. For that purpose, use MD5() or SHA1() instead. Also see RFC-2195 for more information about handling passwords and authentication securely in your application. Quote Link to comment https://forums.phpfreaks.com/topic/277429-quick-question-on-syntax-of-if-and-if-else-statement/#findComment-1427192 Share on other sites More sharing options...
Jessica Posted April 29, 2013 Share Posted April 29, 2013 Plus the query is failing. Quote Link to comment https://forums.phpfreaks.com/topic/277429-quick-question-on-syntax-of-if-and-if-else-statement/#findComment-1427194 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.