was trying to make login. wanted to make the query to get details off sql safer and used sprintf but it does not work.
the code is as follow:
<?php session_start(); include('db.php'); if(isset($_POST['submit'])) : // Username and password sent from signup form //stripping $username = strip_tags($_POST['username']); $password = sha1(strip_tags($_POST['password'])); // Making query safer $query = sprintf("SELECT ID FROM members WHERE username = '%s' AND user_password = '%s' LIMIT 1;", mysql_real_escape_string($username), mysql_real_escape_string($password)); $result = mysql_query($query); if(1 != mysql_num_rows($result)) : // MySQL returned zero rows (or there's something wrong with the query) echo "Login failed"; else : // We found the row that we were looking for $row = mysql_fetch_assoc($result); // Register the user ID for further use $_SESSION['member_ID'] = $row['ID']; header('Location: members-only.php'); endif; endif; ?>
I entered the login details i stored in mysql but get 'Login failed' no matter wat i enter in the login form.
Any help would be appreciated.