0

i cant see an error

<?PHP

session_start();

if (isset($_POST['Submit'])) {

	$email = $_POST['email'];
	$password = $_POST['password'];
	
	if (isset($email) && isset($password)) {

	$handle = mysql_connect("localhost","root","");
		mysql_select_db("man_of_honor");
		

		$safe_email = sql_safe($email,$handle);
		$safe_password = md5(sql_safe($password,$handle));
	
		
		$login_query = "SELECT * 
						FROM moh_members 
						WHERE email = '".$safe_email."' AND password = '".$safe_passwd."'";
							
		$result = mysql_query($login_query);
		$num_rows = mysql_num_rows($result);
		
		if ($num_rows == 1) {
			 // Login Valid
			
			$resultArr = mysql_fetch_array($result);
			$username = $resultArr['username'];
			$_SESSION['user'] = $username;
			
			mysql_query("UPDATE moh_members SET active = '1' WHERE username = '".$_SESSION['user']."'");
			
			$active = $resultArr['active'];
			$_SESSION['user'] = $active;
			
			header("location: member_area.php");
			
		} else {

			if ($num_rows > 1) {
				// Multi-Accounts
			} elseif ($num_rows == 0) {
				// No User Exists
				header("location: index.php");
				alert("No User With These Credentials Exists");
				
			}
		}
	}
}

function sql_safe($str,$lnk) {
	return mysql_real_escape_string(trim($str),$lnk);
}

function alert($str) {
	echo "<script type='text/javascript'>alert('".$str."');</script>";
}

?>
3
Contributors
3
Replies
4
Views
8 Years
Discussion Span
Last Post by superchris
0

proof read looking for what
what errors is it kicking
what is the table structure its supposed to be accessing

what are you intending to do if $num_rows > 1

0

it makes it all the way to the part where it cannot find any users with these credentials and therefore nobody gets logged in

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.