Hi,
I have a php user authorise script.
I have 2 fields in a mysql database. user_name and user_password. Password
is encrypted with the mysql password('$password') function.
This is my PHP authorise section of the script.
$sql_authorisation = "SELECT * FROM account_details WHERE
account_name='$login_username' AND
account_password=PASSWORD('$login_password');
$sql_authorisation_result = mysql_query($sql_authorisation);
if (!$sql_authorisation_result) {
error("A Database Error Occurred while trying to authorise login details");
}
if (mysql_num_rows($sql_authorisation_result) == 0) {
session_unregister("login_username");
session_unregister("login_password");
?>
<HTML>
<HEAD>
<TITLE> Access Denied </TITLE>
</HEAD>
<BODY BGCOLOR=white>
<H1> Access Denied </H1>
<P> Your user ID and Password could not be verified. This could be an
incorrect username or password, or you are not a registered user on this
site. Try logging in again checking your details, or enter the signup
process to join us</P>
</BODY>
</HTML>
<?php
exit;
}
?>
This script does NOT work.
However if I change the sql function $sql_authorisation to
$sql_authorisation = "SELECT * FROM account_details WHERE
account_name='$login_username' );
so that is only selects the username - it works. there for there is a
problem with me selecting and comparing the password'd user_password.
Any suggestions.
Thanks,
Matt.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
