help with this code????

A

Anonymous

Guest
i am trying to make a little login facility, but i'm stuck...any 1 help???

code:
Code: 
<?

//get the variable name
$username = $_POST['name'];

//get the variable password
$password = $_POST['password'];

	
	include ("connect.php");
	
	$query = "SELECT * FROM staff WHERE `username` = 'kumark2' AND `password` = 'kapil'";
	

	$result = mysql_query($query); 
	$num = mysql_numrows($result);
	mysql_close(); 
			
	
	$i=0;
	while ($i < $num)
	{
	$user=mysql_result($result,$i,"username");
	$pass=mysql_result($result,$i,"password");
	$staff=mysql_result($result,$i,"staff");
	$surname=mysql_result($result,$i,"surname");
	
	if ($user == $username)
		{
		echo "chiller";
		}
			else
			{
			echo "boring";
			}
		$i++;

	}

?>
The POST method and the include are working fine.

The output is always boring

HELP????
 
k4pil, please use code tags next time!

I saw instantly an error in your code and i bet you didn't knew it. mysql_numrows(). It is mysql_num_rows().
I suggest you to always use an error reporting. You have PHPs error_reporting() function. Using error_reporting(E_ALL) in your code will keep you informed about every little error, this way you can keep your code clean.

Here is you code with some changes, please give it a try:
Code: 
<?php

error_reporting(E_ALL);
include('connect.php');


// submit here is the name of your form submit button
if(isset($_POST['submit'])) {
     // get the variable name
     $username = $_POST['name'];

     //get the variable password
     $password = $_POST['password'];
}

// I am using MySQL MD5, for a better protection of the users password
// So they must be stored as MD5 hash or this wont work.

// You can also use in the above line: $password = md5($_POST['password']);
// And than remove the Mysql md5 function below.

$result = mysql_query("SELECT * FROM staff WHERE username= 'kumark2' AND password=MD5('kapil')");
$num = mysql_num_rows($result);

// This is kindly unnecessary as the database connection will be finished when the script ends.
// mysql_close();

if(mysql_num_rows($result) == 0) {
    print 'Login error !';
    die();
}

$arr = mysql_fetch_array($result);
print 'Welcome back ' . $arr['surname'] . '!';
// And so on...

?>
That is the idea!
 
You must log in or register to reply here.
Back
Top