I’m trying to learn about $_SESSION variables and I’ve been following some tutorials I’ve found online.
I’ve created a form and I’m posting it back to the same page but the query fails. I have a table ‘users’ and I’ve added ‘bob’ to the userlogin field and ‘bob’ to the user_passwrd field. When I execute I get the error from the if/else statement that the query failed.
I don’t know what I’m doing wrong and I would really appreciate some help on this.
I don’t know if the form is not posting or where the problem might be.
Here is the code:
<?php
include ('admin_pages/sql_pages/sql_connect_L.inc.php');
$login = mysql_real_escape_string($_POST['login']);
$passwrd = mysql_real_escape_string($_POST['passwrd']);
$sql = mysql_query("SELECT * FROM users WHERE userlogin = '$login' AND user_passwrd = '$passwrd'");
$count = mysql_num_rows($sql);
if($count == 1)
{
session_start();
$_SESSION['login'] = '$login';
header('location: admin_pages/dashboard.php');
}
else
{
echo " Your query failed";
}
?>
<form method="post" action="logintest.php">
Username: <input name="login" type="text" class="login_fields" />
<br/>
Password: <input name="passwrd" type="password" class="login_fields" />
<br/>
<input name="submit" type="submit" class="long_button" id="submit" value="Login" />
</form>
I’ve tried several different things and I can’t get the desired results.
Cheers
The first step in debugging is, check your SQL string:
I noticed, you have minor issue in your code:
will result in
$_SESSION['login']having value of$loginliterally. Not the value of$login. To fix it, change your code into:Why is that? here’s the explanations.