0
<?php

		$db=mysql_connect('localhost','root','') or die('Cannot connect to MySQL!');			
		@mysql_select_db('dbriomra')or die('Cannot connect to database');
		
		
		// Retrieve username and password from database according to user's input
		
		$login = mysql_query("SELECT * FROM login WHERE (username = '" . mysql_real_escape_string($_POST['compid']) . "') and (password = '" . mysql_real_escape_string($_POST['pword']) . "')");

		// Check username and password match
		if (mysql_num_rows($login) == 1) {
        // Set username session variable
        $_SESSION['username'] = $_POST['compid'];
        // Jump to secured page
        header('Location: employee.php'); // kung anong file.php mag ffall ung user pag valid ung log in procedures nya.
}
else {
       
        // Jump to secured page
        //header('Location: index.php'); //homepage mo pag invalid
}

?>

i want to put a restriction, like, invalid username and password, but i don't know how, im new in php. thank you :)

3
Contributors
3
Replies
4
Views
5 Years
Discussion Span
Last Post by shielaolid
0

That's goes in your 'else' part.
You can send back to index.php with a querystring like:

index.php?login=fail

or something similar. The index page picks up the $_GET value if set.

0

As ardav said you can use the $_GET method...
If you do not want to use this method, use the other method.
In this method, you will have to place the above code on the login page and use the request type method i.e.

if($_SERVER['REQUEST_METHOD'] == 'POST')
{

}

...

Try this...

<?php
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
		$db=mysql_connect('localhost','root','') or die('Cannot connect to MySQL!');
		@mysql_select_db('dbriomra')or die('Cannot connect to database');
 
 
		// Retrieve username and password from database according to user's input
 
		$login = mysql_query("SELECT * FROM login WHERE (username = '" . mysql_real_escape_string($_POST['compid']) . "') and (password = '" . mysql_real_escape_string($_POST['pword']) . "')");
 
		// Check username and password match
		if (mysql_num_rows($login) == 1) {
        // Set username session variable
        $_SESSION['username'] = $_POST['compid'];
        // Jump to secured page
        header('Location: employee.php'); // kung anong file.php mag ffall ung user pag valid ung log in procedures nya.
}
else {
$message = "Invalid username or password"; 
}
} else {
$message = "";
}
echo "$message";
?>
This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.