PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Hi, I am trying to perform a login check and redirect the form to index.php if the username and password are correct. Also the login page check if the fields are entered or not.
The issue is that the login check is performing but not redirecting to index.php. Also I'm not getting any error after performing the login check. Let me know if I'm making any errors in below code. Include file only contains the database details.
if(empty($errors))
{
$username=trim($_POST['username']);
$password =trim($_POST['pass']);
$query= "SELECT * FROM users WHERE username='{$username}' AND hashed_password='{$password}' ";
$result=mysql_query($query);
$result_set=mysql_fetch_array($result);
if(mysql_num_rows($result_set) == 1)
{
header('location: index.php');
exit;
}
A few things. First, you're not sanitizing your data before passing into a query. This is just asking for trouble. That aside, you seem to be taking the plaintext password from your form and passing it into a query that's expecting a hashed password, which would explain why you aren't getting any results. Finally, don't SELECT * ever. Since all you're interested in here is the number of rows returned, why not SELECT COUNT(*)?