Mancent Posted October 2, 2010 Share Posted October 2, 2010 <?php ob_start(); include "connect.php"; // Define $myusername and $mypassword $username=$_POST['username']; $password=$_POST['password']; // To protect MySQL injection (more detail about MySQL injection) $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT * FROM accounts WHERE username='$username' and password='$password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1) { // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("username"); session_register("password"); echo "&msgText=Entrance Granted!\n"; } else { echo "&msgText=Invalid Login!\n"; } return false; ob_end_flush(); ?> this line right here what would the URL be to work correctly $sql="SELECT * FROM accounts WHERE username='$username' and password='$password'"; if this line means this $sql="SELECT * FROM accounts WHERE username='$username'"; http://wiistream.net/flash.login.php?username=Mytest = echo "&msgText=Entrance Granted!\n"; see i dont know is it http://wiistream.net/flash.login.php?username=Mytest&password=123456 I cant seem to login with a URL code because I dont know what it is? Quote Link to comment Share on other sites More sharing options...
joel24 Posted October 2, 2010 Share Posted October 2, 2010 you're trying to collect the sent information with $_POST when they are being sent via the URL - $_GET. You should not pass usernames and passwords through the URL, post these from the login form. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.