...

View Full Version : Help with Mysql Query



Webmonkey
08-30-2006, 09:53 AM
Hi,

I am using the script below and i keep getting : No such username . . . and the info the database is there, what could be stopping me? The connect file also works fine.

Thanks

Steven


<?php

/* ADMIN LOGIN */

echo "<title>Admin Login</title>";
include('connect.php');
if ($_POST['submit']) {
$user = $_POST['username'];
$password = $_POST['password'];
$mdpass = md5($password);
$sql1 = mysql_query("SELECT * FROM admins WHERE username = $user");
$r1 = @mysql_num_rows($sql1);
if ($r1 != 1) {
echo "No such username . . .";
die();
} else {
$sql2 = mysql_query("SELECT * FROM admins WHERE password = $mdpass AND username = $user");
$r2 = @mysql_num_rows($sql2);
if ($r2 != 1) {
echo "Incorrect Password";
die();
} else {
echo "Logged In, Thankyou.";
$_SESSION['logged'] = 1;
echo "<a href=\"index.php\">Home</a>";
}
}
} else {
// Form not submit
}

?>
<head>

<style type="text/css">
.text {
font-size:12px;
font-family:Verdana, Arial, Helvetica, sans-serif;
}
</style>
</head><div class="text">
<p>Please use the form below to login to the Admin Control Panel.</p><br />
<form name="login" action="login.php" method="post">
Username: <input type="text" name="username" /><br />
Password: <input type="password" name="pass" /><br /><br />
<input type="submit" name="submit" value="Login"><input type="reset" name="reset" />
</form></div>

Webmonkey
08-30-2006, 10:10 AM
I've Fixed it using this code:, Its becuase i change if ($res!=1) to is_object($res).



<?php

/* ADMIN LOGIN */

echo "<title>Admin Login</title>";
include('connect.php');
if ($_POST['submit']) {
$user = $_POST['username'];
$password = $_POST['password'];
$mdpass = md5($password);
$sql1 = mysql_query("SELECT * FROM admins WHERE username = $user");
$res = @mysql_num_rows($sql1);
if (is_object($res)) {
echo "$res";
echo "No such username . . .";
die();
} else {
$sql2 = mysql_query("SELECT * FROM admins WHERE password = $mdpass AND username = $user");
$r2 = @mysql_num_rows($sql2);
if (is_object($r2)) {
echo "Incorrect Password";
die();
} else {
echo "Logged In, Thankyou.";
$_SESSION['logged'] = 1;
echo "<a href=\"index.php\">Home</a>";
}
}
} else {
// Form not submit
}

?>
<head>

<style type="text/css">
.text {
font-size:12px;
font-family:Verdana, Arial, Helvetica, sans-serif;
}
</style>
</head><div class="text">
<p>Please use the form below to login to the Admin Control Panel.</p><br />
<form name="login" action="login.php" method="post">
Username: <input type="text" name="username" /><br />
Password: <input type="password" name="pass" /><br /><br />
<input type="submit" name="submit" value="Login"><input type="reset" name="reset" />
</form></div>

Fumigator
08-30-2006, 02:43 PM
You can also just test for true/false as in "if (!$res) {}" (not the C way).



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum