login page does not work

Forum Moderators: coopster

Message Too Old, No Replies

6:29 am on Aug 21, 2008 (gmt 0)

I have created this login page, when I login, nothing happens.
can anyone tell me what is the problem?

<html>
<head>
<title>Login</title>
<head>
<body>

<?PHP
//Connect to database

mysql_connect("localhost", "admin", "admin") or die(mysql_error());
mysql_select_db("ueros_db") or die(mysql_error());

session_start();
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);

$query = "SELECT * FROM users WHERE (username='$username' AND password='$password')";

$result = mysql_query($query);

if (mysql_num_rows($result) != 1) {
$error = "Bad Login";
include "login.html";

} else {
$_SESSION['username'] = "$username";
print("<h3>Welcome $username !</h3>");
include "members.php";
}

</body>
</html>

6:58 am on Aug 21, 2008 (gmt 0)

Can you please try with the bracket removed from $query, i.e.
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";

7:11 am on Aug 21, 2008 (gmt 0)

echo the $query variable, copy paste the browser output in mysql console window and check if the query really works there.

7:11 am on Aug 21, 2008 (gmt 0)

$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);

You need to use single quotes in the arrays. Looks like you have something else. Should be:

$username = $_POST['username'];
$password = md5($_POST['password']);

7:46 am on Aug 21, 2008 (gmt 0)

yes, I did change the quotes.

when i echo the query, I get : Resource id #3

7:50 am on Aug 21, 2008 (gmt 0)

it works now... but the part which gives error if username and password dont match, does not work.
any suggestions how should I make it?