FRIHOSTFORUMSFAQTOSBLOGSDIRECTORY
You are invited to Log in or Register a Frihost Account!

problem with login script

   Frihost Forum Index -> Scripting -> Php and MySQL
 


riyadh
i wrote a lign script for my site but it doesn't seem to work.even if i type in the correct username and password, i get a message saying tht what i typed in was wrong.

Code:

<?php
// database connection details
$mysql_host = "localhost"; # The mysql host, can usually be left as localhost.
$mysql_user = ""; # The username we will use to connect to mysql
$mysql_pass = ""; # The password that the above username relates to
$db = ""; # The name of the database the above user has privledges on

//connect to the database
$conn = mysql_connect($mysql_host, $mysql_user, $mysql_pass);
if(!$conn)
{
    exit("<strong>Error!</strong> Could not <u>connect</u> to the database!");
}

$db_conn = mysql_select_db($db, $conn);
if(!$db_conn)
{
    exit("<strong>Error!</strong> Could not <u>select</u> the database!");
}
$sql = mysql_query("SELECT * FROM students WHERE username='".addslashes($_POST['user'])."'") or die ("Username was incorrect. MySQL said".mysql_error());
$result = mysql_fetch_array($sql); // puts the database information into an array

if($result['password'] == sha1($_POST['pass'])) { // if the passwords match
session_start(); // start the session
header("Cache-control: private");
$_SESSION["sessioname"] = $_POST['user'];
header("location: index.php");
}else{
echo "Incorrect login details please try again.";
}
?>
pollux1er
Better try to get first the value of the POST before try them. The code is clear and you have a simple syntax.

Code:

<?php
// get datas from the last page
$username = $_POST['user'];
$pasword = $POST['pass'];
// database connection details
$mysql_host = "localhost"; # The mysql host, can usually be left as localhost.
$mysql_user = ""; # The username we will use to connect to mysql
$mysql_pass = ""; # The password that the above username relates to
$db = ""; # The name of the database the above user has privledges on

//connect to the database
$conn = mysql_connect($mysql_host, $mysql_user, $mysql_pass);
if(!$conn)
{
    exit("<strong>Error!</strong> Could not <u>connect</u> to the database!");
}

$db_conn = mysql_select_db($db, $conn);
if(!$db_conn)
{
    exit("<strong>Error!</strong> Could not <u>select</u> the database!");
}
$sql = mysql_query("SELECT * FROM students WHERE username='$username' ") or die ("Username was incorrect. MySQL said".mysql_error());
$result = mysql_fetch_array($sql); // puts the database information into an array

if($result['password'] == sha1($password)) { // if the passwords match
session_start(); // start the session
header("Cache-control: private");
$_SESSION["sessioname"] = $username;
header("location: index.php");
}else{
echo "Incorrect login details please try again.";
}
?>
pollux1er
And if ther is a mistake, post it as it is written please.
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2007 Frihost, forums powered by phpBB.