Posted: Sun Jun 18, 2006 2:51 pm
This isn't cheap enough for you?4Boredom wrote:anyone know where I can go for cheap tech support for this? I can pay just not like 100 an hour like some will charge hehe im a college kid
Ok, look. I haven't read through the entire thread, but can you verify:
- You've read at least this Tutorial at MySQL.com and have some basic understanding of how MySQL works.
- In conjunction with the above, you have a valid MySQL account and can connect with it through the 'mysql' command line utility (or phpMyAdmin)
- You have setup a database table named `users`.
- You have modified the 'db.php' script to use your MySQL username, password and database, and that the host (server) that MySQL is running on is set as $dbhost ('localhost' if it's on the same machine)
- You have changed the SQL statement as Everah suggests.
- You've read at least part of the PHP manual section on MySQL.
Also, please use the PHP formatting tags when posting PHP code!!!
I'm assuming these scripts were either public domain or written for you since you're having so much trouble getting them together. Not to knock anybody, but they are a bit amateurish and will definitely leave you open to some security issues if left as-is. For example, the script uses stripslashes() to remove any slashes in the incoming data, and then never escapes the data when inserting to the database. Also, it would appear as though your login script will let anybody in at this point. I'm assuming the same lack of validation and escaping data.