I am trying to create a login script for a part of my website. I have a database to hold the information and I want to compare the user input from my html form to information in the database.
A sample of my code is listed below. So far, only the “fail” part of my script is working and will redirect me to login again. I’m not sure if it is connecting to the database and checking the input for the correct information.
Would anyone out there know if I am doing this correctly?
Thank you in advance your time.
<?php
// Define username and password variables for returned post method from input form
$Name = $_POST[“user”];
$Pass = $_POST[“mail”];
if($Name != “” || $Pass != “”)
{
// Select database and log on
$con = mysql_connect(“mysql13.000webhost.com”, “DATABASE NAME HIDDEN”, “PASSWORD HIDDEN”);
if (!$con)
{
die('Could not connect: ’ . mysql_error());
}
mysql_select_db(“DATABASE NAME HIDDEN”, $con);
//ScrName and Email are the field names from the table that need to be verified.
$query = mysql_query(“SELECT * FROM Mix WHERE ScrName = '” . $ScrName . “’ AND Email = '” . $Email . "’ ", $con);
$num = mysql_num_rows($query);
echo $num;
if($num != 0)
{
$result = mysql_result($query, 0);
echo $result;
}
$row=mysql_fetch_array($result);
{
$SN=$row[‘ScrName’];
$EM=$row[‘Email’];
}
//I want to compare the values from the input form to the values in the table
if($Name == $SN && $Pass ==$EM)
{
header(“Location: mixsetup.html”);
}
else if($Pass!= $EM ||$Name != $SN )
{
echo(“Please Enter Correct Username and Password …”);
header(“Location: Loginfail.html”);
}
}
?>