Posted by Mark Rees on 11/07/52 11:29

> <?php
>
> if(! isset($_POST['username'])) {
> header("Location: login.php");
> }
>
> mysql_connect(DELETED)
> mysql_select_db(DELETED)

Put semicolons on the end of the two lines above for starters

> $username = $_POST['username'];
> $username = mysql_real_escape_string($username);
> $result = mysql_query("SELECT userid, pswd FROM users WHERE username =
'$username'");
>
> if(mysql_num_rows($result) > 0) {
> $row = mysql_fetch_assoc($result);
> $userid = $row['userid'];
> $pswd = $row['pswd'];
> }
>
> $formpswd = $_POST['password'];
> $formpswd = md5($formpswd);
>
> if(mysql_num_rows($result) == 0) {
> header("Location: login.php");
> } else if($pswd == $formpswd) {
> session_unset();
> session_destroy();
> session_start();
> $_SESSION['userid'] = $userid;
> header("Location: userhome.php");
> }
>
> mysql_close();
>
> ?>

• Next in forum: Re: what's wrong with this code? i am getting a blank page when i pass my form data to it
• Prev in forum: Re: what's wrong with this code? i am getting a blank page when i pass my form data to it
• Thread view: Re: what's wrong with this code? i am getting a blank page when i pass my form data to it

[Reply to this message]