websitestarter Posted May 11, 2013 Share Posted May 11, 2013 (edited) though i <?php session_start(); require "database.php"; $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $enc_password = md5($password); if($username&&$password) { $query = mysql_query("SELECT * FROM users WHERE username='$username'"); $numrow = mysql_num_rows($query); if($numrow!=0) { while($row = mysql_fetch_assoc($query)) { $db_username = $row['username']; $db_password = $row['password']; } if($username==$db_username&&$enc_password==$db_password) { //echo "Logged in <a href='members.php'>Click here to enter the members area</a>"; $_SESSION['username']=$db_username; header("location: members.php"); } else { header("location: index.php?error=Incorrect Password"); } } else { header("location: index.php?error=That user doesn't exist"); } } else { header("location: index.php?error=All fields are required"); } ?> btw database.php is database connect if you have the file and database.php is <?php mysql_connect("host","usernmae","password") or die ("Couldnt connect to database"); mysql_select_db("") or die ("Couldnt find database"); ?> Edited May 11, 2013 by Dominion multiple posts Quote Link to comment Share on other sites More sharing options...
websitestarter Posted May 11, 2013 Author Share Posted May 11, 2013 <?php mysql_connect("host","usernmae","password") or die ("Couldnt connect to database"); mysql_select_db("") or die ("Couldnt find database"); ?> Quote Link to comment Share on other sites More sharing options...
Guest Posted May 11, 2013 Share Posted May 11, 2013 Use urlencode for strings on the header, and use isset() to check if the user actually is set otherwise it will just through errors. MD5 is pointless, look into PHPass, or some other form of encryption. Quote Link to comment Share on other sites More sharing options...
lightning Posted May 11, 2013 Share Posted May 11, 2013 (edited) ...,,,,,,,,,,,,,,,,,,, Edited May 11, 2013 by lightning ,,, Quote Link to comment Share on other sites More sharing options...
lightning Posted May 11, 2013 Share Posted May 11, 2013 (edited) ....................... Edited May 11, 2013 by lightning ............ Quote Link to comment Share on other sites More sharing options...
Nemesiidae Posted May 27, 2013 Share Posted May 27, 2013 <?php mysql_connect("host","usernmae","password") or die ("Couldnt connect to database"); mysql_select_db("") or die ("Couldnt find database"); ?> Might want to change "usernmae" to "username". ;) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.