help please once again... my login page was working just fine when one morning it just stopped to function. now i have tried to fix it, buy changing some of the logic and also recreating the database.
now the point i have reached is that when the user enters his correct user name and correct password , the user is allowed access, but if the user gives a totally wrong username and password the access is denied. the problem now comes. when the user enters the correct user name but the wrong password he still is granted access. now i cant fix this problem.
by being granted access i mean the word hello is displayed, and by not allowed i mean the word no is displayed.
this happens when i replace
include 'config.php';
$connect=mysql_connect($hostname, $username, $password);
with
$connect=mysql_connect(hostnamevalue, usernamevalue, passwordvalue);but if use the former one the user does not login at all. is the problem that i have used the session names and also the config.php variables of the same names, but i changed them and tried i couldnt login at all.
<?php
session_start();
$_SESSION['username']=$_POST['user'];
$_SESSION['password']=$_POST['pass'];
$_SESSION['authuser1']=0;
include 'config.php';
$connect=mysql_connect($hostname, $username, $password);
mysql_select_db("worldofp_blog1")
or die(mysql_error());
$get="SELECT user_name, pass_word
From user
WHERE user_name = '" . $_SESSION['username'] . "'
ORDER BY user_name";
$results=mysql_query($get)
or die(mysql_error());
$get1="SELECT user_name, pass_word
From user
WHERE pass_word = '" . $_SESSION['password'] . "'
ORDER BY user_name";
$result=mysql_query($get1)
or die(mysql_error());
$row=mysql_fetch_array($results, $result);
$authuser= $row['user_name'];
$authpass= $row['pass_word'];
if($authuser and $authpass)
{
echo "hello";
$_SESSION['authuser1']==1;
}
else
{
echo "no";
$_SESSION['authuser1']==0;
}
?>