AHendersonWebDe
03-27-2008, 02:00 PM
Dear Expert
Im trying to create a session where the user's username and password are stored.
im trying to login yet i receive my message "could not log u in"
Can u review my code for error? thanks
<?php
session_start();
if (isset($_POST['userid']) && isset($_POST['password']))
{
// if the user has just tried to log in
$userid = $_POST['userid'];
$password = $_POST['password'];
//changes the location of the @ symbol
$db = @mysql_connect('localhost', 'username', 'pw');
//select the DB here
mysql_select_db('database', $db);
if (mysql_error())
{
echo 'Error: Could not connect to database. Please try again later.';
exit;
}
$query = 'select * from authorised_users '
."where name='$userid' "
." and password=sha1('$password')";
// $result = $db_conn->query($query);
//changed this to mysql_query
$result = mysql_query($query);
if ($result)
{
// if they are in the database register the user id
$_SESSION['valid_user'] = $userid;
}
//$db_conn->close();
// mysql_close()
}
?>
<html>
<body>
<h1>Home page</h1>
<?
if (isset($_SESSION['valid_user']))
{
echo 'You are logged in as: '.$_SESSION['valid_user'].' <br />';
echo '<a href="logout.php">Log out</a><br />';
}
else
{
if (isset($userid))
{
// if they've tried and failed to log in
echo 'Could not log you in.<br />';
}
else
{
// they have not tried to log in yet or have logged out
echo 'You are not logged in.<br />';
}
// provide form to log in
echo '<form method="post" action="authmain.php">';
echo '<table>';
echo '<tr><td>Userid:</td>';
echo '<td><input type="text" name="userid"></td></tr>';
echo '<tr><td>Password:</td>';
echo '<td><input type="password" name="password"></td></tr>';
echo '<tr><td colspan="2" align="center">';
echo '<input type="submit" value="Log in"></td></tr>';
echo '</table></form>';
}
?>
<br />
<a href="members_only.php">Members section</a>
</body>
</html>
Im trying to create a session where the user's username and password are stored.
im trying to login yet i receive my message "could not log u in"
Can u review my code for error? thanks
<?php
session_start();
if (isset($_POST['userid']) && isset($_POST['password']))
{
// if the user has just tried to log in
$userid = $_POST['userid'];
$password = $_POST['password'];
//changes the location of the @ symbol
$db = @mysql_connect('localhost', 'username', 'pw');
//select the DB here
mysql_select_db('database', $db);
if (mysql_error())
{
echo 'Error: Could not connect to database. Please try again later.';
exit;
}
$query = 'select * from authorised_users '
."where name='$userid' "
." and password=sha1('$password')";
// $result = $db_conn->query($query);
//changed this to mysql_query
$result = mysql_query($query);
if ($result)
{
// if they are in the database register the user id
$_SESSION['valid_user'] = $userid;
}
//$db_conn->close();
// mysql_close()
}
?>
<html>
<body>
<h1>Home page</h1>
<?
if (isset($_SESSION['valid_user']))
{
echo 'You are logged in as: '.$_SESSION['valid_user'].' <br />';
echo '<a href="logout.php">Log out</a><br />';
}
else
{
if (isset($userid))
{
// if they've tried and failed to log in
echo 'Could not log you in.<br />';
}
else
{
// they have not tried to log in yet or have logged out
echo 'You are not logged in.<br />';
}
// provide form to log in
echo '<form method="post" action="authmain.php">';
echo '<table>';
echo '<tr><td>Userid:</td>';
echo '<td><input type="text" name="userid"></td></tr>';
echo '<tr><td>Password:</td>';
echo '<td><input type="password" name="password"></td></tr>';
echo '<tr><td colspan="2" align="center">';
echo '<input type="submit" value="Log in"></td></tr>';
echo '</table></form>';
}
?>
<br />
<a href="members_only.php">Members section</a>
</body>
</html>