hi all:

i am trying to use this code to login to members area but everytime i try to login with a registered user it redirects to the registration page please help.

below is the code:

<?php
session_start();
$uname="root";
$pword="";
$host="localhost";
$database="spl";

$Username=$_POST['Username'];
$Password = MD5($_POST['Password']);

$_SESSION['Username']=$Username;

mysql_connect("$host", "$uname", "$pword")or die("cannot connect");
mysql_select_db("$database")or die("cannot select DB");

$checkUsername=mysql_query("select Username, Password from registration where Username='Username' and Password='Password'");

$Username_exist=mysql_num_rows ('$checkUsername');

if ($Username_exist>0)
{
    header("location:indexma.php");
}
else 
{
    echo "not registered";
    header("location:register.php");
}
?>

and also how do i destroy a session please help ASAP. thank you

Recommended Answers

The trouble could be in your query on line 16 where you should use the variables (but you probably only forgot the $ sign). The correct query would be:

$checkUsername=mysql_query("select Username, Password from registration where Username='$Username' and Password='$Password'");
Jump to Post

get rid of the ' ' around $checkUsername

There should only be 1 result if the user/pass combo exists. No one will have the same username, right? So change line 20 to:

if($Username_exists == 1) {
 header("Location: indexma.php");
 exit();//all header redirects need to kill the script or …
Jump to Post

destroying a session:

$_SESSION['PHPSESSID'] = '';
session_destroy();

as for your problem, on line 16 add:

or die(mysql_error()); and see if your sql is failing.

EDIT: changed cookie name. Spelling error :(

Jump to Post

youre sure that the user and the hashed password exist in the database?

Jump to Post

line 19, write:

echo "Username_exists"; exit();

What number is there?

Jump to Post

All 19 Replies

The trouble could be in your query on line 16 where you should use the variables (but you probably only forgot the $ sign). The correct query would be:

$checkUsername=mysql_query("select Username, Password from registration where Username='$Username' and Password='$Password'");

get rid of the ' ' around $checkUsername

There should only be 1 result if the user/pass combo exists. No one will have the same username, right? So change line 20 to:

if($Username_exists == 1) {
 header("Location: indexma.php");
 exit();//all header redirects need to kill the script or it will continue to run even after a redirect
}
else {
 //echo will not ever be seen, and it should in fact raise an error if something is output before a header change
 header("Location: register.php");
 exit();//same dealy here
}

EDIT: The above is very possible, as well. But I would encourage my changes as well.

broj1 thank you for the help but yet having the same problem :( pls help

ryantroop nop still the same

destroying a session:

$_SESSION['PHPSESSID'] = '';
session_destroy();

as for your problem, on line 16 add:

or die(mysql_error()); and see if your sql is failing.

EDIT: changed cookie name. Spelling error :(

ryantroop pls help i added that code and nothin please

youre sure that the user and the hashed password exist in the database?

line 19, write:

echo "Username_exists"; exit();

What number is there?

Let's debug the query first. Put this on line 17 and post the output:

die("select Username, Password from registration where Username='$Username' and Password='$Password'");

( ! ) Warning: mysql_num_rows() expects parameter 1 to be resource, string given in C:\wamp\www\Shivam1\login1.php on line 16
Call Stack
#   Time    Memory  Function    Location
1   0.0005  374144  {main}( )   ..\login1.php:0
2   0.0033  382864  mysql_num_rows ( )  ..\login1.php:16
select Username, Password from registration where Username='mo' and Password='30822eb8a7af334741f6867927a8c38f'

on line 18 you took out the single quotes, yes?

Maybe you post the last version of the code since so many suggestions came in.

i was in class any way no the form action is login1.php

ryantroop the code below doesnt work
echo "Username_exists"; exit();

$checkUsername=mysql_query("select Username, Password from registration where Username='$Username' and Password='$Password'");

youre code is correct i hope you just forget tu put $ ... :))

i did try the $ sign but yet no luck so thats not a problem

my mistake, I forgot $ this time...

echo "$Username_exists"; exit();

Your answer should be a 1 or a 0

Nope yet not working

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.