09-30-2007, 12:03 PM
PHP Code:
<?php
//Database Information
$dbhost = "localhost";
$dbname = "loftyd_register";
$dbuser = "loftyd_loftyd";
$dbpass = "*********";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
session_start();
$username = $_POST['Username'];
$password = md5($_POST['Password']);
$query = "select * from Users where Username='$username' and Password='$password'";
$result = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($result) == 1)
{
echo 'Wrong Username and/or Password';
include 'login.html';
} else {
$_SESSION['username'] = '$username';
include 'characterprofile.php';
}
?>
That is code for authenticating users. However, if you type anything {eg: Username: Fredd_Bloggs Password: Freddy} it will go straight to the welcome screen. The data that you type to log in does not match with the information on the database. This would obviously say
PHP Code:
echo 'Wrong Username and/or Password';
But doesn't and goes straight to characterprofile.php
Is there anyone who can modify this so it works.
{PS: I'm having a go at making a web-based RPG. I'm doing the login atm. Your name will appear underneath the login page. }