0

Hello, i have a login page for home i have created a database and connected my database to it. My code is:

LOGIN.PHP

<!DOCTYPE html>

<html lang='en'>
<head>
    <meta charset="UTF-8" /> 
    <title>
        HTML Document Structure
    </title>
    <link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>

<div id="wrapper">

    <form name="login-form" class="login-form" action="check_user.php" method="post">

        <div class="header">
        <h1>Login Form</h1>
        <span>Fill out the form below to login to my super awesome imaginary control panel.</span>
        </div>

        <div class="content">
        <input name="username" type="text" class="input username" placeholder="Username" />
        <div class="user-icon"></div>
        <input name="password" type="password" class="input password" placeholder="Password" />
        <div class="pass-icon"></div>     
        </div>

        <div class="footer">
        <input type="submit" name="submit" value="Login" class="button" />
        <input type="submit" name="submit" value="Register" class="register" />
        </div>

    </form>

</div>
<div class="gradient"></div>


</body>
</html>

CHECK_USER.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login Credentials</title>
</head>

<body>
<?php
session_start();
$connection = mysql_connect('localhost','root','');
if(!$connection){
    die("Database Connection Failed". mysql_error());
    }
$select_db = mysql_select_db('hamdard_attendance');
if(!$select_db){
    die("Database Connection Failed" . mysql_error());
    }

if(isset($_POST['username']) && isset($_POST['password'])){
$username = $_POST['username'];
$password = $_POST['password'];

$query_one = "SELECT * FROM 'users' WHERE 'username' = $username AND 'password' = $password";
$result = mysql_query($query_one) or die(mysql_error());
$count = mysql_num_rows($result);

if ($count == 1){
$_SESSION['username'] = $username;
}else{
echo "Invalid Login Credentials.";
}
}
if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
echo "Hai " . $username . "
";
echo "This is the Members Area";
}


?>
</body>
</html>

I am having the following error.

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users' WHERE 'username' = jerry AND 'password' = 12345' at line 1

Can someone please help me out regarding this?

3
Contributors
3
Replies
23
Views
3 Years
Discussion Span
Last Post by engrjd91
-1

Try this:

$query_one = "SELECT * FROM 'users' WHERE 'username' = '".$username."' AND 'password' = '".$password."'";

Edited by pritaeas: Added markdown.

1

@lps: The single quotes around the table and column names are wrong. Either remove them or use backticks.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.