Hi all.I have just set up a basic database ( SQL/PHP ) locally.One page contains registration of the user and this is parsed correctly i.e. the username and his password appears in database but when I execute login page it shows "incorrect username / login" after submission when both are correct.Here's a bit of the script that shows the login structure.ANy comments would be appreciated.Thanks.
-----------------------------------------------------------
<?php
session_start();
mysql_connect("localhost", "root", "myPassword");
mysql_select_db("mydb");
function user_login ($username, $password)
{
//take the username and prevent SQL injections
$username = mysql_real_escape_string($username);
//begin the query
$sql = mysql_query("SELECT * FROM usersystem WHERE username = 'username' AND password = 'password' LIMIT 1");
//check to see how many rows were returned
$rows = mysql_num_rows($sql);
if ($rows<=0)
{
echo "Incorrect username/password";
}
else
{
//have them logged in
$_SESSION['surname'] = $username;
}
}
?>
-----------------------------------------------------------
<?php
session_start();
mysql_connect("localhost", "root", "myPassword");
mysql_select_db("mydb");
function user_login ($username, $password)
{
//take the username and prevent SQL injections
$username = mysql_real_escape_string($username);
//begin the query
$sql = mysql_query("SELECT * FROM usersystem WHERE username = 'username' AND password = 'password' LIMIT 1");
//check to see how many rows were returned
$rows = mysql_num_rows($sql);
if ($rows<=0)
{
echo "Incorrect username/password";
}
else
{
//have them logged in
$_SESSION['surname'] = $username;
}
}
?>
