Jon W
01-23-2008, 05:12 PM
I can't seem to get this PHP Login Script to work right. Its not doing what its suppose to be doing. When I type in a Username that is in the Database, it comes up and says: 'Invalid Username or Password'. I can't make sense of it and I don't have enough knowledge yet to know what I'm doing wrong. If someone could help me out that would be great. Thanks guys!
Jon W
<?php
if(isset($_POST['login'])) {
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));
include('db.php');
$query = mysql_query("SELECT user_id, username, password, active FROM users WHERE username = '$username' AND password = '$password'") or die('Database Error: ' . mysql_error());
$row = mysql_fetch_assoc($query);
$check = mysql_num_rows($query);
if($check == 1) {
if($row['active'] == 1) {
session_register($username);
session_register($password);
header("Location: http://example.com/index.php?user_id=" . $row['user_id'] . "");
} else {
$error = "Please Activate your account before logging in.";
} } else {
$error = "Invalid Username or Password";
} }
?>
Jon W
<?php
if(isset($_POST['login'])) {
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));
include('db.php');
$query = mysql_query("SELECT user_id, username, password, active FROM users WHERE username = '$username' AND password = '$password'") or die('Database Error: ' . mysql_error());
$row = mysql_fetch_assoc($query);
$check = mysql_num_rows($query);
if($check == 1) {
if($row['active'] == 1) {
session_register($username);
session_register($password);
header("Location: http://example.com/index.php?user_id=" . $row['user_id'] . "");
} else {
$error = "Please Activate your account before logging in.";
} } else {
$error = "Invalid Username or Password";
} }
?>