0

http://pastebin.com/6xbfquFz

It answers with:

ID is: .
Resulting is: 1
Redirection failed. Please redirect yourself to main website.

Redirection isn't a problem. I disabled auto-redirect so that I can see error at work.

Edited by RikTelner

2
Contributors
1
Reply
14
Views
2 Years
Discussion Span
Last Post by veedeoo
0

Can you please tell me why you need to send two mysql queries during login credentials validation?

For security reason, what these pages tell the user, when they arrived upon redirect?

header ("Location: index.php?look=login&err=nun");
header ("Location: index.php?look=login&err=npw");

these are wrong data types. Supposedly, you want 0 and 1 as an integer or numeric data type.

if ($resulting == "0")

## and
elseif ($resulting == "1")

proofs that the above will always return false if you are referring to the mysql_num_rows response.

<?php

    $x = "0";
    $y = "1";

    var_dump(is_int($x));

    echo '<br/>';

    var_dump(is_int($y));

the above will return

bool(false)
bool(false) 

which is nowhere close to either presumed returned values of either

$resulting = mysql_num_rows(mysql_query("SELECT * FROM members WHERE loginname='$post_username' and password='$post_password'"));

or

 $user_datagain = mysql_fetch_array(mysql_query("SELECT * FROM members WHERE username='$post_username' and password='$post_password'"));

Both of the queries above will return an integer that's for sure. You can read more about data-types in mysql here.

I strongly suggest that you should reconsider re-writing your script's logic construct.

Edited by veedeoo: more info added

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.