After connecting to the sql database and everything I pu
[php]pw = $_POST[“password”]
pw2 = “Select Password from Table_name where username = ‘$un’”
if (session_id() == $_SESSION[“sid”]) {
if ($pw==$pw2) {
print “Welcome $un, you have successfully made it to form 2”;
…ect[/php]
But it doesn’t work. Any suggestions?
i’m guessing that’s not all the code, but 2 things i noticed, you’re missing the $ signs on pw and pw2 at the top and the top pw2 is going to error out because you’re missing the ; at the end. I don’t see where you executed the query for $pw2, so i included that too.
[php]
$pw = $_POST[“password”];
$pw2 = “Select Password from Table_name where username = ‘$un’”;
$qry = mysql_query($pw2); // executes the query
$r = mysql_fetch_assoc($qry); // stores the query results in an array for use below
if(mysql_num_rows($pw2) != 0) {
if (session_id() == $_SESSION[“sid”]) {
if ($pw==$r[‘password’]) { //assuming your table name for pw is password, change to match what you have
print “Welcome $un, you have successfully made it to form 2”;
}
}
…ect
} else {
echo “No records found for this user”;
}
[/php]
Also, if your pw is encypted using md5, sh1, etc, then you must first encrypted the user input before comparing, otherwise it’ll fail everytime.
Hope that helps a little.
richei, thank you.