what´s the best choice!?

A

Anonymous

Guest
hello.
First i´m sory for my english i´m portuguese and for ask for a repeat (i think) subject.
I have a website and i need to make a login system for users can view information about they :)
The login is in http://www.jaf-studio.net/beta/ , and i have a mysql database whit a username and password of users.
what´s the best form to make this login to make acess in a restricted area!?
i wrote this code but have a lot of errors :D

Code: 
<?php #login.php
$ligacao=mysql_connect("localhost","jaf_Admin","") or die ("Problemas na ligação ao MYSQL");
mysql_select_db ("jaf_JAFStudio",$ligacao) or die ("Ocorreu um erro a ligar a selecioanr a base de dados");
$sql='Select * from clientes where $username==username && $password==password';
$total = mysql_num_rows($sql);
if ($total==1)
?>

incomplete!
someone help !??!?
sory for the english.
tks a lot. :help:
 
first you need to get the values of $username and $password from the form

$user = $_POST["username"];
$pass = $_POST["password"];

connect to database
$sql = your SELECT statement

$result = mysql_query($sql);
if (mysql_fetch_row($result)){ //this means the record with the matching username and password wass found
//grant access
header("Location: http://" . $_SERVER['HTTP_HOST']
. dirname($_SERVER['PHP_SELF'])
. "/" . "thepageyouwantgrantedaccess.php");
}

you are going to need sessions to keep track of who has logged in, but this is the will authenticate people
 
to restrict the login ...
best is to use a cookie
with the path parameter as "/beta/"
that would set the cookie only for that path of your domain.
 
as not all the browsers are configured to take cookies you may even use sessions...those will be delated after a browsers has been closed..
 
Ok! i understant, but i have an error ! :(

The interpretor return´s "Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /home/jaf/public_html/beta/login.php on line 10"
this can be tested in same path! http://www.jaf-studio.net/beta/

Code: 
<?php #login.php

$username = $_POST["username"]; 
$password = $_POST["password"];

$ligacao=mysql_connect("localhost","jaf_Admin","") or die ("Problemas na ligação ao MYSQL");
mysql_select_db ("jaf_JAFStudio",$ligacao) or die ("Ocorreu um erro a ligar a selecioanr a base de dados");
$sql='Select * from clientes where $username==username && $password==password';
$result = mysql_query($sql);
if (mysql_fetch_row($result)){ 

header("Location: http://" . $_SERVER['HTTP_HOST']
. dirname($_SERVER['PHP_SELF'])
. "/" . "clientes.php");
} 
?>

i think the sql is wrong ! right?

i´m thinking and what i can do for if the login is incorret apers "bad login" a return

sory for my english again ! :?
Tks a lot
 
Yes, the error is because your query isn't returning any rows. You should always check to make sure your query has returned rows before you try to fetch the rows. Anyway, here's how your query ought to look:

Code: 
SELECT columns FROM clientes WHERE username = $username AND password = $password;

MySQL does not use the double-equals (==) for equality, it uses a single equals (=). Also, though it doesn't really matter, conventionally the field name before the value in WHERE clauses, e.g. "WHERE username = $username" rather than "WHERE $username = username". And lastly, you can use either "AND" or "&&" for logical AND, but personally I prefer "AND".
 
You must log in or register to reply here.
Back
Top