login in code problem
Posted: Thu Feb 28, 2008 12:09 am
Hi there,
I am novice in PHP & MySQL and I'm trying to learn how to do a simple login. I'm trying to do the checking for whenever a password and a username exist or not in the database. However, there is something wrong in my code and I can't find what.
Could you please give me a hand!?
------------------------------------------------------------------------------------------------------------------------
CODE:
**** PLEASE USE THE CODE TAG *****
I am novice in PHP & MySQL and I'm trying to learn how to do a simple login. I'm trying to do the checking for whenever a password and a username exist or not in the database. However, there is something wrong in my code and I can't find what.
Could you please give me a hand!?
------------------------------------------------------------------------------------------------------------------------
CODE:
**** PLEASE USE THE CODE TAG *****
Code: Select all
<?php session_start() ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login</title>
</head>
<body>
<h2>Login</h2>
<?php
$links = "<a href='main.php'>Click here to proceed to the main page</a> <br><br>";
$links .= "<a href='logout.php'>Click here to log out.</a>";
$user = $_POST[user];
$pass = $_POST[pass];
if($user && $pass)
{
if($logged_in_user == $user)
{
echo $user . "you are already logged in.<br>";
echo $links;
exit;
}
$db =mysql_connect("localhost", "root", "1983ab") or die("Connection failed");
mysql_select_db("userlist", $db);
$result = mysql_query("select * from users where name = '" . $user . "'
and password = PASSWORD('" . $pass . "')");
if(!$result)
{
echo "Sorry, there has been a technical hitch. We cannot enter your details.";
exit;
}
if(mysql_num_rows($result) > 0)
{
$logged_in_user = $user;
$_SESSION['logged_in_user'];
echo "Welcome, " . $logged_in_user . ". <br><br>";
echo $links;
exit;
}
else
{
echo mysql_num_rows($result);
echo "Invalid login. Please, try again. <br><br>";
}
}
else if($user || $pass)
{
echo "Please fill in both fields. <br><br>";
}
?>
<form method=post action="login.php">
Your username:
<input name="user" type=text maxlength=20 size=20>
<br>
Your password:
<input name="pass" type=pasword maxlength=10 size=10>
<br>
<input type=submit value="login">
</form>
</body>
</html>