I've written lines of code on my 'logincheck.php' page that will first check if valid data has been entered on the login page. If valid username and password are entered, the user is redirected to a page 'welcome.php' or else warnings are shown to the user, such as "Username does not exist", "Please Enter Password".
Everything works fine except if a valid username and an invalid password have been entered. My code issues a warning for the following cases: if nothing is entered in either field, if an invalid username is entered, if an invalid username and invalid password are entered, if valid username and no password is entered. But if i input a valid username and an invalid password, nothing happens - i see a blank page...
Code: Select all
$username=mysql_real_escape_string($_POST['username']);
$password=mysql_real_escape_string($_POST['password']);
$query = "SELECT username, password, first_name, last_name FROM users WHERE username='$username'";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result);
if(strlen($username) > 0){
if ($row) {
$username = stripslashes($username);
}
else
{$msg=$msg."Please Enter Valid Username<BR>";}
}
else{
$msg=$msg."Please Enter Username<BR>";
$status= "NOTOK";
}
if(strlen($password) > 0){
if ($password == $row[1]) {
$passworddec = stripslashes($password);
}
else
{$msg=$msg."Please Enter Valid Password<BR>";}
}
else{
$msg=$msg."Please Enter Password<BR>";
$status= "NOTOK";
}