forumnz Posted September 22, 2007 Share Posted September 22, 2007 Oh dear. Running into problems today... How is this wrong? if(count($_POST)>0) { $username=$_POST["username"]; $password=$_POST["password"]; $password=md5($password); $sql="SELECT * FROM members WHERE username=\"$username\" AND password=\"$password\""; $rs=mysql_query($sql); //execute the query if(mysql_num_rows($rs)==1) { echo "Well done!"; } else{ //invalid username of password //redirect to login page header("Location: login.php"); } } Thanks, Sam. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 what is the errors you get? Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 It doesnt log me in. I just go back to the login.php page. I think it might be to do with the MD5? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 it doesnt log you in because you are telling it else redirect to login.php if successful. try <?php }else{ if(mysql_num_rows($rs)==0) { //invalid username of password //redirect to login page header("Location: login.php"); } ?> Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 Huh? OK I changed it, but now if I try to login with any random user and pass, it lets me? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 that is because you need to check for the username and password in the database http://www.phpeasystep.com/workshopview.php?id=6 this is what you need. Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 Ahh! This is hard. Ok I'll start from scratch. Do you know of any good web tutorials? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 the one i posted above? Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 Ok then. Right, what should I do then. This is the current code below. I get error : Parse error: syntax error, unexpected $end in /usr/local/www/vhosts/bidbuddy.co.nz/httpdocs/login2.php on line 37 if(count($_POST)>0) { $username=$_POST["username"]; $password=$_POST["password"]; $password=md5($password); $sql="SELECT * FROM members WHERE username=\"$username\" AND password=\"$password\""; $rs=mysql_query($sql); //execute the query if(mysql_num_rows($rs)==1) { echo "Well done!"; }else{ if(mysql_num_rows($rs)==0) { //invalid username of password //redirect to login page header("Location: login.php"); } Thanks. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 were missing a closing bracket tell me what you get now: <?php if(count($_POST)>0) { $username=$_POST["username"]; $password=$_POST["password"]; $password=md5($password); $sql="SELECT * FROM members WHERE username=\"$username\" AND password=\"$password\""; $rs=mysql_query($sql); //execute the query if(mysql_num_rows($rs)==1) { echo "Well done!"; }else{ if(mysql_num_rows($rs)==0) { //invalid username of password //redirect to login page header("Location: login.php"); } } ?> Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 I get the same error. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 <?php if(count($_POST)>0) { $username=$_POST["username"]; $password=$_POST["password"]; $password=md5($password); $sql="SELECT * FROM members WHERE username=\"$username\" AND password=\"$password\""; $rs=mysql_query($sql); //execute the query if(mysql_num_rows($rs)==1) { echo "Well done!"; }else{ if(mysql_num_rows($rs)==0) { //invalid username of password //redirect to login page header("Location: login.php"); } } } ?> Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 Ok no error this time but it goes back to login.php help? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 is the user and pass in the database? because if not it will redirect. Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 Hi yes it is. Username and password are both there and the password is MD5... Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 dont think this will help but try puting souble quotes around the numbers like =="0" Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 Hang on..... got it!! Now i just need it to set a cookie. I will try that myself. Should I use cookies or sessions? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 LOL i was about to say you should set a session before anything Quote Link to comment Share on other sites More sharing options...
LemonInflux Posted September 22, 2007 Share Posted September 22, 2007 I would say sessions. Less people think sessions contain viruses. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 sessions are more secure and cant be hijacked as easily Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 I dolnt really know about sessions. Can they last for a certain amount of time, hold uid, etc? Sam. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 use session_register and session_destroy and yes they can hold about anything just like cookies Quote Link to comment Share on other sites More sharing options...
forumnz Posted September 22, 2007 Author Share Posted September 22, 2007 So I should register a session instead of it echoing "Well done!"? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 22, 2007 Share Posted September 22, 2007 google PHP login tutorials with sessions this might help more. Quote Link to comment Share on other sites More sharing options...
rarebit Posted September 22, 2007 Share Posted September 22, 2007 http://www.tizag.com/phpT/phpsessions.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.