Just yesterday, I’ve started to dabble in MySQL and PHP to help with a project at work. I’m (somewhat) familiar with php form handlers, but I only have limited experience. With the help of google, I’ve been able to get this far, but now I need some help.
I’ve created a database with a test user it it. I’ve created index.php (login page), checklogin.php (verifies user), login_success.php (redirects upon successful login to), main_login.php (homepage after login).
The problem is that I am trying to get some variables from the database to echo on the main_login.php page (like name, when account was created, etc), but the spot where the variables should be are just blank.
I don’t quite understand how ‘sessions’ work, so maybe that’s the problem and I have something wrong.
$host=“myhostname”; // Host name
$username=“myusername”; // Mysql username
$password=“mypassword”; // Mysql password
$db_name=“mydatabase”; // Database name
$tbl_name=“mydatabasetable”; // Table name
mysql_connect("$host", “$username”, “$password”)or die(“cannot connect”);
mysql_select_db("$db_name")or die(“cannot select DB”);
// Define $myusername and $mypassword
$mid=$_POST[‘mid’]; // acts as username
$zip=$_POST[‘zip’]; // acts as password
// To protect MySQL injection (more detail about MySQL injection)
$mid = stripslashes($mid);
$zip = stripslashes($zip);
$mid = mysql_real_escape_string($mid);
$zip = mysql_real_escape_string($zip);
$sql=“SELECT * FROM $tbl_name WHERE mid=’$mid’ and zip=’$zip’”;
// Mysql_num_row is counting table row
// If result matched $mid and $zip, table row must be 1 row
// Register $mid, $zipand redirect to file “login_success.php”
echo “Wrong Username or Password”;