login help
Posted: Sat May 20, 2006 11:16 am
Hi im trying to write a script which lets users log in. It validates users against a database of users, I want to be able to take variables posted from a form, search for something like:
The way I anticipate it working is searching for the user in the table of the username they enter, then getting the password to mathc and checking it against the one they entered. It doesnt seem to work though, it says stuff about error in SQL syntax, I believe the problem is here.
Hope someone can help, Thanks in advance, Tom
Code: Select all
$user = $_POST['login_username'];
$query = "select * from users where user = $user";
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result) or die(mysql_error());
if($_POST['login_username'] == $row['user'] && $_POST['login_password'] == $row['pass'])
{
//login correct
echo "Thanks ".$row['usr']." for logging in";
$_SESSION['logged_in'] = "YES";
} elseif($_POST['login_password']) {
//login incorrect
echo 'Incorrect login '.$_POST['login_username'];
}Hope someone can help, Thanks in advance, Tom