Page 1 of 1

Login Page - PHP/MySql

Posted: Tue Feb 12, 2008 3:20 pm
by new2thenet
I'm a newbie, and trying to learn the basics of MySql and PHP by creating a simple login page. The code below doesn't error out, but doesn't redirect either. Just returns to this page. Any suggestions/information on -why- this is happening would be helpful for the learning process. Thanks in advance.

Code: Select all

 
if (!empty($_POST['login'])
{
  
mysql_connect('DB_PATH', 'DB_USER', 'DB_PASSW') or die(mysql_error());
mysql_select_db('DB_NAME') or die(mysql_error());
 
mysql_query('SELECT * FROM Login WHERE Username = '$_POST['username']' and Password = '$_POST['password']')or die(mysql_error());
   header("Location: hello.php");
}
 
 
 

Code: Select all

<form action="" method="POST">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br>
<input type="submit" name="login" value="login">
</form>
[HTML]

Re: Login Page - PHP/MySql

Posted: Tue Feb 12, 2008 3:27 pm
by Benjamin
You've got nested single quotes. I'm surprised your not getting a syntax error. Have a look at the manual regarding string syntax.

http://us.php.net/manual/en/language.basic-syntax.php

Re: Login Page - PHP/MySql

Posted: Tue Feb 12, 2008 3:44 pm
by Zoxive

Code: Select all

// Top of PAGE
error_reporting(E_ALL);
ini_set('display_errors',true);

Code: Select all

mysql_query("SELECT * FROM Login WHERE Username = '{$_POST['username']}' and Password = '{$_POST['password']}' ")or die(mysql_error());

Re: Login Page - PHP/MySql

Posted: Wed Feb 13, 2008 10:00 am
by new2thenet
Thanks, I can see how the Select quotes were amiss. I've change the code per Zoxive to report errors and correct the syntax, but it still just returns to the page, no error, no redirect. :banghead:

Any other suggestions?

Re: Login Page - PHP/MySql

Posted: Wed Feb 13, 2008 10:08 am
by Zoxive

Code: Select all

var_dump($_POST);
I'm guessing $_POST['login'] is empty or not even set.