January 2nd, 2013, 11:52 AM
Always same result... Login failure
Hope someone can help me....
First of all sorry for my bad english!
I'm trying to write an php code for a user login.
When I run the code i always get the same result:"Login failure".
Even if thes "user" and "password" that i tiped in exists or not.
I used xampp 3.1.0, databasename: login, tablename: login.
Think about it for days but can't find any solution, please can someone help me? what i do wrong?
Here is the code:
<form action='login.php?login=yes' method=POST>
Username:<input type=text name='user' /><br />
Password: <input type=password name='pass' /> <br />
<input type=submit value='Go!' />
$con=mysql_connect('localhost','root','root') or die("Cant connect host");
mysql_select_db('login') or die("Cant connect database");
$get=mysql_query("SELECT count(id) FROM login WHERE (user='$user' AND pass='$pass')") or die ("Error on mysql_querry");
if($result!=1) echo "Login failure!";
echo "Login sucess!";
January 4th, 2013, 10:23 AM
You have some syntax problems in your code. Please use code tags to format it in your post so everyone can read it more easily.
The error I see is this
The single quotes tell PHP to interpret those variables as strings. You are querying for rows where user has a value of "$user" and password has a value of "$pass". Try removing the single quotes.
Finally, this seems like it should be moved to the PHP board since it's a coding error.
"Those who can make you believe absurdities can make you commit atrocities."
January 4th, 2013, 11:10 AM
actually, those single quotes are for mysql, not for php, but yes, they delimit strings
Originally Posted by Jyncka
if you remove them, you will have an sql statement that says
and at that point, mysql interprets fred and sesame as column names, resulting in an error
WHERE (user=fred AND pass=sesame)
the only time the quotes are not required is when the columns are numeric and the values are numbers