[SOLVED] Trying to verify username and password

[affordit]

Hello all

New at this and it's driving me nuts.

What I have is a table that contains id,username, and password. I have managed to get the form that inserts the data into the table but can't seem to get the code right to verify that the username and password are in fact there and then redirect the user to the correct page.

 

I have a database named k_falls and the table named login that contains id username (unique field) and password.

 

Here is what I am trying to use to verify and redirect the user.

 

<?

include("k_falls_dbinfo2.inc.php");

mysql_connect(mysql,$username,$password);

@mysql_select_db($database) or die( "Unable to select database");

$query="SELECT * FROM login WHERE bname='$bname' AND psword='$psword'";

$result=mysql_query($query);

$num=mysql_numrows($result);

mysql_close();

 

if (bname==$bname)

{

echo "<b><center>$bname</center></b><br><br>";

}

else

{

Header("Location: register.php");

}

?>

 

Can someone please help

[revraz]

First thing, remove @ in front of your query(s), when you're new you want to see errors

Second, you dont set your variables for

 

$query="SELECT * FROM login WHERE bname='$bname' AND psword='$psword'";

 

What does $bname and $psword equal?

 

Third, what do you want from this line?

 

if (bname==$bname)

 

[affordit]

Sorry about that

bname is the username

psword is the password

 

This is what someone else told me to try

if (bname==$bname)

 

[revraz]

I understand what you are using them for, but you don't tell the code what they mean.

 

You need to do something like:

 

$bname = "Fred";

$psword = "mypassword";

 

Sorry about that

bname is the username

psword is the password

 

This is what someone else told me to try

if (bname==$bname)

 

[revraz]

See if this helps you understand a little better

 

http://www.roscripts.com/PHP_login_script-143.html

[cooldude832]

very basic login script

 

Adjust the post name fields the fields taken from mysql and the header redirect and its all set.

 

<?php
//Open SQL connection
$username = mysql_real_escape_string(trim($_POST['Username']));
$password = mysql_real_escape_string(trim($_POST['password']));
$fields = array(
"UserId",
"Username",
"LastLogin"
);
$fields = implode($fields);
$q = "Select ".$fields." from `".$user_table."` Where Username = '".$username."', and Password = '".$password."'";
$r = mysql_query($q) or die(mysql_error()."<br /><br />".$q);
if(mysql_num_rows($r) >0){
//Valid User
while($row = mysql_fetch_assoc($r)){
foreach($row as $key=> $value){
$_SESSION['UserData'][$key] = $value;
}
}
die(header("location: topsecretpage.php"));
}
else{
//Invalid Login
echo "Invalid Login.";
}
?>

[affordit]

Bname and psword are set in a form on a previous page my problem is I am not sure how to verify that bname and psword are present in the login table if they are they need to go one place if not they need to go to the register page or back to login page.

 

Thanks for your help

[revraz]

Then you are not using them because you have no $_POST arrays in your code.

 

Bname and psword are set in a form on a previous page my problem is I am not sure how to verify that bname and psword are present in the login table if they are they need to go one place if not they need to go to the register page or back to login page.

 

Thanks for your help

[affordit]

Thanks cooldude832

 

I am not surprised it was that easy I have been banging my head against the wall for two days.

 

Thanks all

Have a great day