I’m making a login page. It will save the the user’s name and encrypted password with session variables. For some reason I can’t retrieve anything in the $row variable. As you can see $num is 1, meaning that at least one row was chosen. I have tested the query directly in my phpAdmin control panel and it does turn up a valid row with good info. However, when I upload the page to my host and test it live, it doesn’t work!
code:
// attempt to log-in
$conn = @mysql_connect($DB_SERVER, $DB_USER, $DB_PASSWORD) or die("Could not connect.");
$rs = @mysql_select_db($DB_DB, $conn) or die("Could not select database.");
$sql = 'select id, banned, approved, email, password, username from members where username="'.$username.'" and password = password("'.$password.'")';
$rs = @mysql_query($sql, $conn) or die ("Could not execute query.");
$num = mysql_num_rows($rs);
$row = mysql_fetch_array($rs);
// success if match, not banned, and approved
if(($num == 1) && ($row['banned'] != 1) && ($row['approved'] == 1))
{
// make cookie
$row = mysql_fetch_array($rs);
$_SESSION['id'] = $row['username'];
$_SESSION['pw'] = $row['password'];
// debugging
echo('banned is '. $row['banned'] .'<br />');
echo('approved is '. $row['approved'] .'<br />');
echo('email is '. $row['email'] .'<br />');
echo('id is '. $_SESSION['id'] .'<br />');
echo('pw is '. $_SESSION['pw'] .'<br />');
echo('user is '. $username .'<br />');
echo('pass is '. $password .'<br />');
echo('sql is '. $sql .'<br />');
echo('num is '. $num .'<br />');
}
Output:
banned is
approved is
email is
id is
pw is
user is myName
pass is myPass
sql is select id, banned, approved, email, password, username from members where username=“myName” and password = password(“myPass”)
num is 1