Here is mycode,when user submit his data, it did not validate correct with database, but i did connect the database and everything s working. Sometimes when i enter invalid userid,password or department ,it logIn to the page…?? so please show me error …please
[php]<?php
require(“connect.php”);
$userid = $_POST[“userid”];
$passsword = $_POST[“password”];
$divsn = isset($_POST[‘div’]) ? $_POST[‘div’] : “” ;
$query = mysql_query(“SELECT * FROM adduser”);
if($userid !="" || $password != “” || $divsn !="") {
$numros=mysql_num_rows($query);
if ($numros!=0) {
while($row=mysql_fetch_assoc($query)) {
$dbuserid = $row['User Id'];
$dbpassword = $row['Password'];
$dbdivision = $row['Division'];
if($userid == $dbuserid && $password == $dbpassword && $divsn==$dbdivision) {
break;
}
}
//check username and password
if($userid==$dbuserid && $password==$dbpassword && $divsn==$dbdivision) {
session_start();
$_SESSION['user_userid']=$userid;
$_SESSION['user_password']=$password;
$_SESSION['user_division']=$divsn;
} elseif($userid!=$dbuserid && $password!= $dbpassword && $divsn!=$dbdivision) {
echo die("<br> Entered User Id,Password and Division does not exist in Database
<br><br><br>Click here<a href='admin_login.php'>Try Again</a>");
} elseif($userid==$dbuserid && $password!= $dbpassword && $divsn== $dbdivision) {
echo die("Incorrect Password ! <br><br><a href='index.php'>Try Again</a>");
} elseif($userid!=$dbuserid && $password== $dbpassword && $divsn == $dbdivision) {
echo die("Inorrect User Id ! <br><br> <a href='index.php'>Try Again</a> ");
} elseif($userid==$dbuserid && $password== $dbpassword && $divsn!=$dbdivision) {
echo die("Choose the correct Division");
}
} else {
echo die("Enter User Id,Password and Division!<br><br> a href='index.php'>Try Again</a> ");
}
}
?>[/php]