I'm working on creating a login page. I have the following code thus far:
Code: Select all
<?php
require_once('Connections/conn_my_db.php');
// *** Validate request to login to this site.
session_start();
function authenticateUser($frm_username,$frm_password)
{
$hostname = 'localhost';
$username ='myname';
$password ='mypwd123';
$dbName = 'my_db';
MYSQL_CONNECT($hostname, $username, $password) OR DIE("Unable to connect");
@MYSQL_SELECT_DB("$dbName") OR DIE("Unable to select database");
//Test the username and password parameters
if (!isset($frm_username)||!isset($frm_password))
return false;
//Get the two character salt from the username collected
$salt = substr($frm_username,0,2);
//Encrypt the password
$crypted_password=crypt($frm_password,$salt);
//Formulate SQL and find user
$query="SELECT password FROM users WHERE username='$frm_username' AND password='$crypted_password'";
//execute the query
$result = @mysql_query($query) or DIE(mysql_error());
echo ($result);
$count = mysql_num_rows($result);
echo ($count);
//exactly one row - then we have found the user
if ($count==1)
{
header("Location:login.php");
}
else
{
header("Location:orders.php");
}
}
?>Code: Select all
<?php
authenticateUser($frm_username,$frm_password);
?>Any help would be greatly appreciated.