Code: Select all
if (isset($_POST['[b]username[/b]']) && isset($_POST['[b]userpass[/b]'])){
$link = mysql_connect('mysql_host', 'mysql_user', 'mysql_password');
$uname = strip_tags($_POST['[b]username[/b]'];
$upass = strip_tags($_POST['[b]userpass[/b]'];
if(!is_resource($link)) {
echo "Failed to connect to the server\n";
}
else {
$query = sprintf("[b]query goes here, remembering to end it with -- and enclose php vars in { }[/b]",
mysql_real_escape_string($uname, $link),
mysql_real_escape_string($upass, $link));
mysql_query($query, $link);
if (mysql_affected_rows($link) > 0) {
echo "[b]do all the login stuff here now[/b]";
}
else {
echo "[b]the user has input incorrect details[/b]";
}
}
}
else {
echo "[b]user hasn't filled in all the inputs[/b]";
}## EDIT: Just added an extra ) on line 13, forgot to close the sprintf function! ##