methulah Posted February 9, 2007 Share Posted February 9, 2007 $username=$_POST['username']; $unpassword=$_POST['password']; $password=md5($unpassword); dbConnect('delibera_BST'); $sql="SELECT * FROM `users` WHERE username = '$username' AND PASSWORD = '$password'"; $result=mysql_query($sql) or die("NO CAN DO!"); $num = mysql_num_rows($result) or die("NO COUNT!"); if ($num == 1){ This brings up the die("NO COUNT!"); message. Any ideas? Quote Link to comment Share on other sites More sharing options...
artacus Posted February 9, 2007 Share Posted February 9, 2007 Try instead: die(mysql_error()) which will tell you that you have to use ` with PASSWORD because its a reserved word... well it won't tell you that in so many words. Quote Link to comment Share on other sites More sharing options...
methulah Posted February 9, 2007 Author Share Posted February 9, 2007 I've now changed it to: AND `password` = '$password' and changed the die($message) to die(mysql_error()); and now it just brings up a blank screen, whereas it ought to redirect me if one row is returned, or bring up an error message if none. Cheers for your help. Quote Link to comment Share on other sites More sharing options...
Jessica Posted February 9, 2007 Share Posted February 9, 2007 Post the new code. A blank screen likely means you have an error. Turn on error_reporting. Quote Link to comment Share on other sites More sharing options...
micmania1 Posted February 9, 2007 Share Posted February 9, 2007 If the previous step doesn't work try changing it to "or die($sql);" Then see if theres an error with he query. Quote Link to comment Share on other sites More sharing options...
sayedsohail Posted February 9, 2007 Share Posted February 9, 2007 In my opinion, your password is not stored in md5 format, if you are using phpmyadmin than edit the record and select the function column to md5, this way it will convert your stored password value to md5 format. Any also try adding this into your code and see what it does. if ($num == 1) { echo "No records found";} goodluck Quote Link to comment Share on other sites More sharing options...
camdagr81 Posted February 9, 2007 Share Posted February 9, 2007 you may want to enclose the username field as well: $sql="SELECT * FROM `users` WHERE `username`= '$username' AND `password`= '$password' LIMIT 1"; then check : $error = mysql_error(); if ($error) { return $error; } else { $rows = mysql_num_rows($result); if ($rows > 0) { //your command } } Quote Link to comment Share on other sites More sharing options...
artacus Posted February 9, 2007 Share Posted February 9, 2007 Don't do this: $num = mysql_num_rows($result) or die("NO COUNT!"); do this: if($num = mysql_num_rows($result)) { ...redirect } else { die('No records found'); } Quote Link to comment Share on other sites More sharing options...
methulah Posted February 10, 2007 Author Share Posted February 10, 2007 I feel a right fool here, turns out that along with a few password/md5 issues, the real problem was that my column in the database was varchar(12) and the full md5 hash didn't fit. Thanks everyone for your help. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.