----Query was empty---
at
---$sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
$result=@mysql_query($sql) or die(mysql_error()); ---
<html>
<body>
<form action="login.php" method="post">
<div>
<table width="100%">
<tr>
<td><img src="Logofinalcopy.gif"></td>
</tr>
<tr>
<td bgcolor="aqua"><h2>Login</h2></td>
</tr></table>
<table align="right" style="width:40%">
<br>
<tr>
<td>username:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>password:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td align="CENTER" COLSPAN="4">
<input TYPE="SUBMIT" name="submit" value="Login">
<input TYPE="reset" name="submit" value="clear"></td>
</tr>
</table>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
$con = @mysql_connect("10.70.1.50","invensis","invensis");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
$con_db=@mysql_select_db("database_myproject",$con);
if (!$con)
{
die('Could not connect DB: ' . mysql_error());
}
$username=$_POST['username'];
$password=$_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$flag="OK";
$msg="";
if(strlen($username) < 1)
{
$msg=$msg."Please enter the username<br>";
$flag="NOTOK";
}
if(strlen($password) < 1)
{
$msg=$msg."Please enter the password<br>";
$flag="NOTOK";
}
if($flag <>"OK")
{
echo "<strong style='color:#FF3333'>"."<left >Please enter Username or Password </left>"."</strong>";
}
else
{
$sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
$result=@mysql_query($sql) or die(mysql_error());
$count= mysql_num_rows($result);
echo "$count";
if($count==1)
{
$sql = mysql_query("SELECT role FROM users WHERE username='$username' AND password='$password'");
while($info = @mysql_fetch_array($sql))
{
if($info['role']=='Super Admin')
{
@header('location: [url]http://localhost/Project/Superadmin.php');[/url]
}
else if($info['role']=='Admin')
{
@header('location: [url]http://localhost/Project/Admin.php');[/url]
}
else if($info['role']=='User')
{
@header("location: http://localhost/Project/User.php");
}
}
}
else
{
echo "<strong style='color:#FF3333'>Incorrect User Name OR Password</strong>";
}
}
}
?>
niths
-1
Posting Whiz in Training
Recommended Answers
Jump to Posthi
Your query will come like
"$sql="SELECT * FROM users WHERE username='".$username."' AND password='".$password."'";
Please try with this one and let me know if still any problem comes
All 3 Replies
phpuser
1
Junior Poster in Training
hi
Your query will come like
"$sql="SELECT * FROM users WHERE username='".$username."' AND password='".$password."'";
Please try with this one and let me know if still any problem comes
scmsimplybest
0
Newbie Poster
Hiiee
Use This Query
$sql="SELECT * FROM users WHERE username="'.$username.'" AND password="'.$password.'" ";InStead Of This
$sql="SELECT * FROM users WHERE username='$username' AND password='$password'";Check & Let Me Know If U Find Anything Else.
Do It For All Queries In Ur File. That Will Work.
Thanks.
ScmSimplyBest
phpuser
1
Junior Poster in Training
Do one thing ,
echo you $sql variable in your script then write die(); so when you run code you will see that query only.
Now take that query and run it in PHPMYADMIN and check is it right or your get result from same ??
may be you can get some idea wheres the problem is ?
Best luck..
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.