04-25-2006, 01:20 PM
im trying to get sessions to work for my login page
so far ive come up with the following query:

$user_name = $_POST["user_name"];
$password = $_POST["password"];

$query = "SELECT * FROM customers WHERE $user_name='$_POST[user_name]' AND $password='$_POST[password]'";
$result = mysql_query($query, $connection) or die(mysql_error());
$row = mysql_fetch_array($result, MYSQL_ASSOC);
//if ($u_user_id == $row['user_name'] AND $u_password == $row['password']){

if($result=="1") {
$_SESSION[$user_name]=$_POST[user_name] && $_SESSION[$password]=$_POST[password]; echo "Hello $_SESSION[$user_name], you're logged in";

else { echo "Thou art imposter!";

but it dont even let me log anyone in at the moment.
my login page works fine wen i wasnt trying to include sessions but now ive changed it to include sessions it doesnt work
i get the error:

Unknown column 'pv22' in 'where clause'

pv22 should be the password that should be accepted

04-25-2006, 01:28 PM
Are you sure you want to do this

$user_name = $_POST["user_name"];
$password = $_POST["password"];

$query = "SELECT * FROM customers WHERE $user_name='$_POST[user_name]' AND $password='$_POST[password]'";

becuase all that will do is return everything from customers because $user_name has been set to $user_name

so basically if the user name is set to MRMAN and password to 12341234. this is what the mysql statment will look like

$query = "SELECT * FROM customers WHERE MRMAN='MRMAM' AND 12341234='12341234'";

i think you might want to do this

$user_name = $_POST["user_name"];
$password = $_POST["password"];

$query = "SELECT * FROM customers WHERE user_name='$user_name' AND password='$password'";

04-25-2006, 03:32 PM
lol ok thanks but it still wont let me login with correct details

04-25-2006, 03:39 PM
try this

if(mysql_num_rows($result)=="1") {
$_SESSION[user_name]=$_POST[user_name] && $_SESSION[password]=$_POST[password];
echo "Hello $_SESSION[user_name], you're logged in";

else { echo "Thou art imposter!"; }

04-25-2006, 03:47 PM
ur a genius!! thank you so much!
it works!!

