Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if (isset($_POST['userpassword']))
- {
- include('db.php');
- //I have used the name passwordu instead of password in the database as well.
- $query = "SELECT * FROM users WHERE username = '".$_REQUEST['username']."' AND passwordu = '".md5($_REQUEST['userpassword'])."';";
- $result = mysql_query($query);
- if ($result){ //THIS IS WHERE I FEEL THE ERROR IS
- echo "Congratulations. You are now Logged in. You will be logged out when the Browser is closed.";
- $_SESSION['logval'] = TRUE; //Sets the User Logged in for the complete session.
- }
- else echo "Sorry, You Entered Wrong Info.";
- }
- if ( mysql_num_rows(mysql_query("some query")) == 1 ) { logged in }
- ... md5($_REQUEST['userpassword'])."';";
- ^---this one
- $query=<<<HERE
- SELECT count(*) as count form users where username=" " and password=" "
- HERE;
- $send=mysql_query($query);
- $row=mysql_fetch_assoc($send);
- $count=$row["count"];
- if($count=="0"){// not logged in}
- else if($count=="1"){//logged in}
- $query = "SELECT * FROM users WHERE username = '".$_REQUEST['username']."' AND passwordu = '".md5($_REQUEST['userpassword'])."';";
- $query = "SELECT * FROM users WHERE username == '".$_REQUEST['username']."' AND passwordu == '".md5($_REQUEST['userpassword'])."';";
- $result = mysql_query($query);
- $result = mysql_num_rows(mysql_query($query));
Add Comment
Please, Sign In to add comment