I could use some help here. I have a script that checks a user name and password against the MySQL DB. I have it set as a function so I included/require it on the page. Here is the script:

function login($username, $password)
// check username and password with db
  // connect to db

  $conn = db_connect();
  if (!$conn)
    return false;

// check if username
$result = ("select user_id password FROM users WHERE username='$username' AND password=md5('$password')");
if (!$result)
return false;

  if (mysql_num_rows($result)  >  0 )
     return true;
     return false;

Here is my DB script:

function db_connect()
// connect to database
$result = mysql_connect("localhost", "xxxxxx", "xxxxxx");
if (!$result)
        return false;
if (!mysql_select_db("xxxxxxxx"));
        return false;
return $result;

When I change the "return false" to "return true" in the first script (login) it authenticates, but logs any one in. Not good. Does anyone have any ideas or suggestions?

Thanks in advance,

Craig Hoffman - eClimb Media

v: (847) 644 - 8914
f: (847) 866 - 1946
w: www.eclimbmedia.com

PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to