Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // http://answers.yahoo.com/question/index?qid=20130602133558AAn5syI
- session_start();
- $server ="localhost";
- $username ="root";
- $password ="spenck23";
- $database ="user_accounts";
- $connect = mysqli_connect($server, $username, $password, $database) or die("cannot connect");
- function __post($name){
- $var = ((isset($_POST[$name]))? trim($_POST[$name]) : '');
- return mysqli_real_escape_string( stripslashes( $var ) );
- }
- $username = __post('username');
- $password = __post('password');
- // Missing Closing Quotes (") on the statement below.
- // Only return one column, saves resources.
- // Matching the username and password in MySQL, frees you from doing the checks in PHP.
- // LIMIT 1, stop searching once a match is found. No need to return multiple rows.
- $result = mysqli_query($connect,"SELECT username FROM users WHERE username='$username' && password='$password' LIMIT 1");
- if( !$result ){
- // Query Failed/Errored Display error message
- echo '<h3>MySQL Query Error</h3>';
- echo '<p>' . mysqli_error( $connect ) . '</p>';
- exit;
- }else if( mysqli_num_rows( $result) === 1){ // One row returned = one match found
- // session_register() is depracated, stop using it.
- $_SESSION['username'] = $username;
- // Although no need to keep the password
- $_SESSION['password'] = $password;
- // header('location: login_success.php');
- // Why are you sending the user somewhere when there
- // is still data to display.
- echo '<p>Hello ' . $username . ', you have been logged in successfully.</p>';
- }else{
- echo '<h3>Login Error</h3>';
- echo '<p>Username/Password combo is incorrect.</p>';
- exit;
- }
- // Tip: When PHP tells you the error is on one line, typically it is a line directly above that line
- // or within a couple. I would suggest using a text editor with code highlighting. It will save you
- // time looking for certain errors. ( http://notepad-plus-plus.org )
- $result = mysqli_query($connect,"SELECT * FROM notes");
- // Again Check if query was successfull.
- if( !$result ){
- // Query Failed/Errored Display error message
- echo '<h3>MySQL Query Error</h3>';
- echo '<p>' . mysqli_error( $connect ) . '</p>';
- exit;
- }else if( mysqli_num_rows( $result) === 0){ // Query Was successfull, but no notes to display
- echo '<h3>Query Successfull</h3>';
- echo '<p>There are currently no Notes in the database.</p>';
- }else{ // Query Successful and at least one row of notes was returned.
- echo '<h3>Notes</h3>';
- while($row = mysqli_fetch_array($result)){
- echo $row['username'];
- echo "<br>";
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement