Can anyone point out to me why this keeps displaying the html located inside of if ( $auth = true ){}, even if wrong username/password combinations are used? I’m sure it’s something easy. I just can’t see it.
[code]<?php
$auth = false;
$user = $_POST[‘sn’];
$pass = $_POST[‘pw’];
if (isset( $user ) && isset($pass)) {
$db = mysql_connect( ‘localhost’, ‘users’, ‘*****’ )
or die ( ‘Unable to connect to server.’ );
mysql_select_db( 'pwtbl', $db )
or die ( 'Unable to select database.' );
$sql = "SELECT * FROM pwtbl WHERE
txt_Screename = '$user' AND
pw_pass = '$pass'";
$result = mysql_query( $sql )
or die ( mysql_error() );
mysql_close();
.
$num = mysql_numrows( $result );
if ( $num != 0 ) {
$auth = true;
}
}
if ( $auth = true ) {
echo ’
A bunch of html
';
}
else {
echo ‘Authorization Required.’;
exit;
}
?> [/code]