PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I been designing a login page, and have been trying to get the code to check if firstly the username exists and then if it does check if the inputted password matches the password in the same record as the username.
I tried my best from what i know, but im out of ideas on how to get it to work... this is what i have:
I believe you want $getUSR->Username to be $getUSERNAME->Username, and similar for $getPSW.
Also, filter user input. The script you have allows SQL injection to be easily accomplished! Don't put any direct $_GET or $_POST value straight into a SQL query.
i tried sql injection prevention using string escape function, but it screwed it up. Ill put it back in and see if any thing occurs with your added info you provided. will keep you informed.
This is what i have now, i tried putting in wrong passwords and usernames and clicked submit and it cleared the boxes and no errors like "username or password is incorrect" so thats not working. Also when i put valid username and password it doesn't redirect to the success.php page either.
How are you sending the data to the script? Post or get? The $_GET global is only used for data items passed directly in the URL (IE: mypage.php?foo=bar), $_POST is used for data items sent "hidden" via the post method.
You have both $_GET and $_POST, if you're sending them via $_GET, it should work fine. Otherwise, you need to replace the $_GET['Username'] with your previously set variable of $Username (has the value of $_POST['Username']), and likewise for the password.