<?php
$u=$_POST['user'];
$p=$_POST['pass'];
mysql_connect("localhost","ssg","8X3TsM39PMFW9VCC") or die(mysql_error());
mysql_select_db("voting");
$result=mysql_query("SELECT * FROM voters WHERE username='$u' AND password='$p'");
while($row = mysql_fetch_array($result))
{
$u2=$row['username'];
$p2=$row['password'];
$id=$row['id'];
$fname=$row['fname'];
$lname=$row['lname'];
$yrsec=$row['yr_sec'];
}
//CHECK IF VOTER EXIST
if($u==$u2 && $p==$p2){
echo "HELLO, ".$fname;
echo "
";
//CHECK IF VOTER HAS ALREADY VOTED
$result2=mysql_query("SELECT * FROM consolidator WHERE voters_id='$id'");
while($row = mysql_fetch_array($result2))
{
$voters_id=$row['voters_id'];
}
if($voters_id==$id){
echo "YOU CAN ONLY VOTE ONCE.
";
echo "";
}
else{
echo "FOR PRESIDENT
";
echo "";
$result2=mysql_query("SELECT * FROM candidates WHERE position='president'");
while($row = mysql_fetch_array($result2))
{
$can_id=$row['id'];
$fname=$row['fname'];
$lname=$row['lname'];
$yrsec=$row['yr_sec'];
$pos=$row['position'];
echo "".$fname." ".$lname." ".$yrsec."
";
}
echo "";
echo "";
echo "";
echo "";
echo "FOR VICE-PRESIDENT
";
echo "";
$result2=mysql_query("SELECT * FROM candidates WHERE position='vpres'");
while($row = mysql_fetch_array($result2))
{
$can_id=$row['id'];
$fname=$row['fname'];
$lname=$row['lname'];
$yrsec=$row['yr_sec'];
$pos=$row['position'];
echo "".$fname." ".$lname." ".$yrsec."
";
}
echo "";
echo "";
echo "";
echo "";
}
}
else
echo "INVALID USERNAME AND PASSWORD";
?>
Please remove your username and password from your code as it is against this board’s rules and can seriously compromise your server’s security. Add *'s to your code in place of your credentials. Also I have went the extra mile to display your code in the php snippet and also reformatted the code so it’s easier on the eyes.
[php]
<?php $u=$_POST['user']; $p=$_POST['pass']; mysql_connect("localhost","*****","*****") or die(mysql_error()); mysql_select_db("voting"); $result=mysql_query("SELECT * FROM voters WHERE username='$u' AND password='$p'"); while($row = mysql_fetch_array($result)) { $u2=$row['username']; $p2=$row['password']; $id=$row['id']; $fname=$row['fname']; $lname=$row['lname']; $yrsec=$row['yr_sec']; } //CHECK IF VOTER EXIST if($u==$u2 && $p==$p2) { echo "HELLO, ".$fname; echo ""; //CHECK IF VOTER HAS ALREADY VOTED $result2=mysql_query("SELECT * FROM consolidator WHERE voters_id='$id'"); while($row = mysql_fetch_array($result2)) { $voters_id=$row['voters_id']; } if($voters_id==$id) { echo "YOU CAN ONLY VOTE ONCE.
"; echo ""; } else { echo "FOR PRESIDENT
"; echo ""; $result2=mysql_query("SELECT * FROM candidates WHERE position='president'"); while($row = mysql_fetch_array($result2)) { $can_id=$row['id']; $fname=$row['fname']; $lname=$row['lname']; $yrsec=$row['yr_sec']; $pos=$row['position']; echo "".$fname." ".$lname." ".$yrsec."
"; } echo ""; echo ""; echo ""; echo ""; echo "FOR VICE-PRESIDENT
"; echo ""; $result2=mysql_query("SELECT * FROM candidates WHERE position='vpres'"); while($row = mysql_fetch_array($result2)) { $can_id=$row['id']; $fname=$row['fname']; $lname=$row['lname']; $yrsec=$row['yr_sec']; $pos=$row['position']; echo "".$fname." ".$lname." ".$yrsec."
"; } echo ""; echo ""; echo ""; echo ""; } } else echo "INVALID USERNAME AND PASSWORD"; ?>
[/php]
What do you want your code to do that it isn’t doing?