Member Avatar for CzechRock3

Im writing a website, but when one goes to login it is not detecting the username/password

the code i used follows(I just started learning yesterday... so im kinda lost as to why its not working).

<?php
	session_start();
	
	$errorMessage = '';
	if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
	   	$host="localhost"; 
		$username="falconnest_forumuser"; 
		$password="qazasdedc"; 
		$db_name="falconnest_forum"; 
		$tbl_name="tbl_auth_user";
		
		mysql_connect("$host", "$username", "$password")or die("cannot connect");
		mysql_select_db("$db_name")or die("cannot select DB");
	
	   	$userId = $_POST['txtUserId'];
	   	$password = $_POST['txtPassword'];
	
	   	$sql = "SELECT user_id FROM $tbl_name WHERE user_id = '$userId' AND user_password = PASSWORD('$password')";
	
	   	$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
	
		if (mysql_num_rows($result) == 1) {
			  	$_SESSION['db_is_logged_in'] = true;
			  
			  	header('Location: /forum/');
			  	exit;
		} else {
			  	$errorMessage = 'Sorry, wrong user id / password';
		}
	}
	mysql_close();
?>
  • 2 Contributors
  • 2 Replies
  • 154 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by CzechRock3
Member Avatar for Designer_101

give this a try:

<?php
session_start();


$errorMessage = '';
if (isset($_POST) && isset($_POST)) {
$host="localhost";
$username="falconnest_forumuser";
$password="qazasdedc";
$db_name="falconnest_forum";
$tbl_name="tbl_auth_user";


mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");


$userId = $_POST;
$password = $_POST;


$sql = "SELECT user_id FROM $tbl_name WHERE user_id = '$userId' AND user_password = '$password'";


$result = mysql_query($sql) or die('Query failed. ' . mysql_error());


if (mysql_num_rows($result) == 1) {
$_SESSION = true;


echo "you are logged in!";
exit;
} else {
$errorMessage = 'Sorry, wrong user id / password';
$_SESSION = false;
};
else {
echo "Please log in";
}


?>

remember "session_start()" should be before any content and i dont think headers will word unless its before anything desplayed on the browser.
Hope this helps

Edited by happygeek because: fixed formatting
Member Avatar for CzechRock3

Yah it worked changing PASSWORD('$password')"; to '$password'";

Thank you so much I spent three days on it :P

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.