Member Avatar for Kurt_3

I'm having this kind of error tho I already fixed the old issue but still i dont know why I am getting this error. Please be reminded that I am currently newbie ug PHP and I am self studying

<?php

session_start();

$con = mysqli_connect('localhost',);

mysqli_select_db($con, 'user');;

$s = "select * from username where same = '$username' && password = '$password'";

$result = mysqli_query($con, $s);
$num = mysqli_num_rows($result);

if($num == 1)
{
    $_SESSION['username'] = $username;
    header('location:home.php');
}else
{
    header('location:login.php');
}

?>
  • 2 Contributors
  • 1 Reply
  • 16 Views
  • 6 Hours Discussion Span
  • Latest Post Latest Post by rproffitt
Member Avatar for rproffitt

This is a good failure. Why? Passwords should never be stored like this. Here's the google kicking that old design to the curb.
https://www.google.com/search?&q=never+store+passwords+in+a+database

Code and more about logins, encrypted passwords, salt and more are just a little research away. Here I won't get into that but note it's a very good thing this failed since someone will point out what a bad idea this was.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.