HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Programming/Scripts (http://www.howtoforge.com/forums/forumdisplay.php?f=7)
-   -   need help with my query script. any help greatly appreciated (http://www.howtoforge.com/forums/showthread.php?t=54984)

beaney 18th November 2011 09:30

need help with my query script. any help greatly appreciated
 
Im having trouble getting my login to work on my site.
it keeps telling me query failed, but when i echo out the username and password it matches the one on the server so i dont understand why its not working. heres a link to my site http://trieste.sdsu.edu/~trst016/proj2/proj2.html
Im a new programmer by the way very noob.

PHP Code:

$db mysqli_connect($server$user$password$database);
        
       
            
$salt "45Gxkj9583lPMdxoekfg"
        
$user $_POST['username'];
        
$pass crypt($_POST['password'], $salt);
            
        echo 
"<h2>welcome you are now logged in ".$user." ".$pass."</h2><br />\n";
        
$sql "SELECT username, password FROM faculty WHERE username = $user AND password = $pass";
        
        
$result mysqli_query($sql,$db) or die('Query failed: ' mysql_error($db));
        
        if (
mysql_num_rows($result) == 1)
        {
            
//successful login
            
echo "<h2>Welcome  You are now logged in.</h2>\n";
        }
        else
        {
            
// not successful
            
$page file_get_contents("err_login.html");
                    echo 
$page;
                    exit;
        }
        
            
            
            
//session_start();
            //$_SESSION['valid'] = 1;
            //$_SESSION['user'] = $username; 


Blackbit 19th January 2012 09:04

$sql = "SELECT username, password FROM faculty WHERE username = $user AND password = $pass";

If you don't put the variables in the SQL-Statements into quotes, they are used as column names. It should be something like this:

$sql = "SELECT username, password FROM faculty WHERE username = \"$user\" AND password = \"$pass\"";


All times are GMT +2. The time now is 06:45.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.