I'm working on a login script in php; this is the script:
Code: Select all
<html>
<head>
</head>
<body>
<?php
$uname=$_POST["username"];
$tpass=sha1($_POST["password"]);
$connection = mysql_connect ("localhost", "root");
if (!$connection)
{
die ('Could not connect: ' . mysql_error());
}
mysql_select_db("cms", $connection);
$select = "SELECT * FROM users
WHERE name='$uname' and password='$tpass')";
mysql_query($select);
if($select = 0)
{
print "Not logged in :(";
}
else
{
print "Logged in!";
}
?>
</body>
</html>$tpass is the encrypted version of the password entered upon login which has to be confronted with the one stored in database. What I want it to do is to search in the database until a record in which name=$uname and password=$tpass and if that is true print "Logged in" otherwise print "not logged in" however it always prints logged in... any ideas?