PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Basically I am trying to create a php website that is connected to a server and a mysql database. I am using the programming xampp to do this.
I have made a log in form and added functions so that if the user enters the incorrect password or incorrect username the website does not allow access. However it works correctly when I enter the incorrect user name the site stops access, although when trying to put the correct username and password it is coming up with the same error message.
Not sure why as it should allow me to log in correctly,any help would be greatly appreciated !
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if ($username&&$password)
{
$connect = mysql_connect("localhost", "root", "") or die ("could not connect");
mysql_select_db("phplogin") or die("Could not find db");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
while ($row = mysql_fetch_assoc($query)); //Personally I would use mysql_fetch_array
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
//check to see if they match
if ($username==$dbusername&&$password==$dbpassword)
{
echo"correct click here to enter the member page";
}
else
echo "Incorrect password";
}
else
die("That user does not exist");
}
else
die("Please enter username and a password");
?>
Instead of using "while" I would just define $row
I also think you kinda messed up with the $query.. Not 100% on that though. Try this.
$query = mysql_query("SELECT * FROM users WHERE username='".$username."'");
$numrows = mysql_num_rows($query);
if ($numrows > 0)
{
$row = mysql_fetch_array($query));
$dbusername = $row['username'];
$dbpassword = $row['password'];
//check to see if they match
if ($username==$dbusername&&$password==$dbpassword)
{
echo"correct click here to enter the member page";
}
else
echo "Incorrect password";
}