Login

[cerin]

This login code just returns "User not found" and I can't figure out why. It returns it before $_POST is set.

[code]<?php
if (isset($_POST)) {
    //connect to your db
    include 'config.php';
    mysql_select_db($usersdb);
    
    //get and escape your two user inputs
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']);
    
    //rather than trying to retrieve the password, then check to see if they match in php,
    //use the following query and let SQL do that work for you.
    $pquery = "SELECT userid FROM userinfo WHERE userid = '$username' AND password = '$password'";
    $result = mysql_query($pquery) or die("Could not query: " . mysql_error());
    
    //if one row was returned, then the username/password combo was found
    if (mysql_num_rows($result) == 1) {
        echo "User Authenticated";
    } else if (mysql_num_rows($result) == 0) { //if no rows are returned, then the user was not in the db
        echo "User not found";
    } else {  //you may have more than one entry for the same person...which is bad.
        echo "Error occurred during verification";
    }
    
    //header("nextpage.php");
    exit;
}
?>
<form method="Post" action="<?php $_SERVER['PHP_SELF']; ?>">
<p> Username: <input type='text' name='username' />
</p>
<p>Password: <input type='text' name='password' /><br />
<input type='submit' name="submit" value="Submit"/>
</p>
</form>[/code]

[sgb162]

I believe you need to change

[code]if (isset($_POST)) ..[/code]

to
[code]if ($_POST['username']) ..[/code]

or something similar.

[chriscloyd]

no this needs to be like
[code]
<?
if (isset($_POST['username'])) {
//code here
} else {
//code here
}
?>
[/code]