ok pyro, i am trying to adapt your old login script to use a MySQL database. heres the code i have so far: <?PHP

mysql_connect("srry", "srry", "srry") or die("Could not connect: " . mysql_error());
mysql_select_db("srry");

$result = mysql_query("SELECT `name`, `pass` FROM `Users`");
$row = mysql_fetch_array($result, MYSQL_BOTH);
$usernames = "'" . $row["name"] . "', ";
$passwords = "'" . $row["pass"] . "', ";

mysql_close();

$x = 1;
$user = array($usernames);
$pass = array($passwords);

for ($i=0; $i < count($user); $i++) {
if ($x == 1) {
if ($_POST['username'] == $user[$i]) {
if ($_POST['password'] == $pass[$i]) {
session_start();
$_SESSION['verified'] = true;
header ("Location:http://xaxei.subsilvernet.com/helloworld.php");
}
else {
header ("Location:http://xaxei.subsilvernet.com");
}
$x .= 2;
}
}
}
if ($x == 1) {
echo "<BODY bgColor=#24637C><font color=#dddee6><center>Incorrect Password</center></font>";
}
?>
I just can't seem to get it to work. the usernames and passwords are VARCHAR inside the database. not md5'd. think you could tell me why it wont work?

EDIT: I think the problem has something to do with how it is fetching the array.. =/

I'd use a while loop:

while ($row = mysql_fetch_array($results)) {
# do some checking
}
Also, the result type of MYSQL_BOTH is implicitly set, and does not need to be set manually.

o. well i got that out of the php documentation and it didnt say anything about having to set it or not so i set it to be safe. (mayby i missed it if it was there).

i'll try it with a while loop, but stay online incase it doesnt work! please? lol.

ok, i keep getting a parse error on line 8... im trying to make it show the array right by having the "name", in there instead of username1username2name3name4

<?PHP

mysql_connect("srry", "srry", "srry") or die("Could not connect: " . mysql_error());
mysql_select_db("srry");

$result = mysql_query("SELECT `name`, `pass` FROM `Users`");
while ($row = mysql_fetch_array($results)) {
$usernames = ("'%s',", $row["name"]);
$passwords = "\"" . $row["pass"] . "\", ";
}

$x = 0;
$user = array($usernames);
$pass = array($passwords);

for ($i=0; $i < count($user); $i++) {
if ($x == 0) {
if ($_POST['username'] == $user[$i]) {
if ($_POST['password'] == $pass[$i]) {
session_start();
$_SESSION['verified'] = true;
header ("Location:http://xaxei.subsilvernet.com/helloworld.php");
}
else {
header ("Location:http://xaxei.subsilvernet.com");
}
}
}
}
?>

worked my way through that error. now i have another that i know i cant work through cause i have no experience with it.

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/subsilve/public_html/xaxei/passwordreader.php on line 7

<?PHP

mysql_connect("localhost", "subsilve_xaxei", "xaxexiziakayic") or die("Could not connect: " . mysql_error());
mysql_select_db("subsilve_xaxei");

$result = mysql_query("SELECT `name`, `pass` FROM `Users`");
while ($row = mysql_fetch_array($results, MYSQL_BOTH)) {
$user = array("'%s'", $row['name']);
$pass = array("'%s'", $row['pass']);
}

$x = 0;

for ($i=0; $i < count($user); $i++) {
if ($x == 0) {
if ($_POST['username'] == $user[$i]) {
if ($_POST['password'] == $pass[$i]) {
session_start();
$_SESSION['verified'] = true;
header ("Location:http://xaxei.subsilvernet.com/helloworld.php");
}
else {
header ("Location:http://xaxei.subsilvernet.com");
}
}
}
}
?> Know what that means pyro? cause i have no clue what the error is, let alone how to fix it. :(

EDIT: changed $results to $result and fixed it, but now when i try to login with a valid username and password, it fails. no errors given, ergo i must be setting up the array wrong. know what the problem is pyro?

I whipped something up - you can find it here: http://forums.webdeveloper.com/showthread.php?s=&postid=125897#post125897

ok, i've confirmed it. the array is wrong. heres my code: <?PHP

mysql_connect("srry", "srry", "srry") or die("Could not connect: " . mysql_error());
mysql_select_db("srry");

$result = mysql_query("SELECT `name`, `pass` FROM `Users`");
while ($row = mysql_fetch_array($result)) {
$user = "'" . $row["name"] . "', ";
$pass = $row["pass"];
}

$x = 0;

for ($i=0; $i < count($user); $i++) {
if ($x == 0) {
if ($_POST['username'] == $user[$i]) {
if ($_POST['password'] == $pass[$i]) {
session_start();
$_SESSION['verified'] = true;
header ("Location:http://xaxei.subsilvernet.com/helloworld.php");
}
else {
header ("Location:http://xaxei.subsilvernet.com");
}
}
}
}

echo $user . "<br />";
echo $pass;
?>

and on my page it its echo's:

'yybb',
yybb

which is NOT what is in my database.. *cries* see what im doing wrong?