HI all,
First post on here so please be gently with me.
I am very new to this language so any help that could be offered in the most basic way with a little explanation of what each bit of code does would be amazing.
I have created a very basic registration form which puts data into my database. I am now wanting to create a log in form that uses that data to ‘log in’
I have followed some online guides and done a bit of research and have created said log in code.
When I fill in the user name and password fields, and click the log in button, the fields empty and ‘nothing’ seems to happen.
I added an [php]or die[/php] to my code and I get the following message.
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘‘user’ WHERE ‘user_name’ = ‘Adam’ and ‘password’ = ‘Hewitt’’ at line 1
I thought initially that it might have something to do with the quotes around certain bits of the code but after plenty of googling, I don’t seem to be able to fall over my answer.
The code that I have for my log in page is as follows.
[php]<?php
include(‘db_conn.php’);
session_start();
if($_SERVER[“REQUEST_METHOD”] == “POST”){
//username and password from log in form
$login_user_name = mysqli_real_escape_string($conn,$_POST[‘login_user_name’]);
$login_password = mysqli_real_escape_string($conn,$_POST[‘login_password’]);
$sql = "SELECT id FROM user WHERE 'user_name' = '$login_user_name' and 'password' = '$login_password'";
$result = mysqli_query($conn,$sql)
or die("Error: ".mysqli_error($conn));
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row['active'];
$count = mysqli_num_rows($result);
//if result matched username and password, table row must be 1 row
if($count == 1) {
$_SESSION['login_user'] = $login_user_name;
header ("location: loggedin.php");
}else{
$error = "Your Username or Password is Incorrect";
}
}
?>
[/php]
And this is what I have on my session page (not sure if that is relevant)
[php]<?php
include(‘db_conn.php’);
session_start();
$user_check = $_SESSION[‘login_user’];
$session_sql = mysqli_query($conn,“Select user_name from user where user_name = $user_check”);
$row = mysqli_fetch_array($session_sql,MYSQLI_ASSOC);
$login_session = $row[‘user_name’];
if(!isset($_SESSION[‘login_user’])){
header(“location: index.php”);
}
?>
[/php]
I would appreciate anyone offering suggestions as to where I may have gone wrong.
Thanks in advance
Adam