jack7076 Posted November 7, 2016 Share Posted November 7, 2016 Hello I've written some code that dies when the msql lookup occurs and crashes when an invalid username or password is entered I want the code to continue and go to my invalid page. anyway here is the code: echo "Before Query <br>"; $query = mysql_query("SELECT * FROM user where userName = '$_POST[user]' AND pass = '$pass'") or die(mysql_error()); echo "row"; $row = mysql_fetch_array($query) or die(mysql_error()); echo "Before Login. <br>"; if(!empty($row['userName']) AND !empty($row['pass'])) { if($_POST['user'] = $row['userName'] AND $pass = $row['pass']){ $_SESSION['ID'] = $row['ID']; $_SESSION['user'] = $row['userName']; $_SESSION['rank'] = $row['rank']; header("Location: Index.php"); } else{ header("Location: INVALID.php?ref=login"); } } else { header("Location: INVALID.php?ref=login"); } Quote Link to comment https://forums.phpfreaks.com/topic/302477-mysql-dies-with-invalid-user-name-or-pass/ Share on other sites More sharing options...
Solution Jacques1 Posted November 7, 2016 Solution Share Posted November 7, 2016 Erase the code from your disk, forget what you think you know about PHP, start from scratch The Codeacademy PHP course (learning the basics of PHP) Exploits of a Mom (why security matters) (The only proper) PDO tutorial (how to communicate with a MySQL database in the 21st century) The PHP manual (lots of useful information and warnings) Quote Link to comment https://forums.phpfreaks.com/topic/302477-mysql-dies-with-invalid-user-name-or-pass/#findComment-1539005 Share on other sites More sharing options...
Jacques1 Posted November 7, 2016 Share Posted November 7, 2016 ... and I just realized this is a live site for a company. Quote Link to comment https://forums.phpfreaks.com/topic/302477-mysql-dies-with-invalid-user-name-or-pass/#findComment-1539006 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.