Guys please help.. It always says "Sorry, cannot log you in. Wrong login information". Thank u..

<?php
        session_start();
        include "dbConfig.php";

        if ($_GET["op"] == "login")
  {
  if (!$_POST["StudentID"] || !$_POST["password"])
        {
        die("You need to provide a username and password.");
        }
  $q = "SELECT * FROM `student` "
        ."WHERE `StudentID`='".$_POST["StudentID"]."' "
        ."AND `password`=password('".$_POST["password"]."') "
        ."LIMIT 1";
  $r = mysql_query($q);
  if ( $obj = @mysql_fetch_object($r) )
        {
        // Login good, create session variables
        $_SESSION["FullName"] = $obj->FullName;
        $_SESSION["valid_user"] = $_POST["StudentID"];
       //$_SESSION["valid_time"] = time();
        Header("Location: Main.php");
        }
  else
        {   
        die("Sorry, could not log you in. Wrong login information.");
        }
  }
        else
  {
  echo "<form action=\"?op=login\" method=\"POST\">";
  echo "Username: <input name=\"StudentID\" size=\"15\"><br />";
  echo "Password: <input type=\"password\" name=\"password\" size=\"8\"><br />";
  echo "<input type=\"submit\" value=\"Login\">";
  echo "</form>";
  }
 ?>

Apparently, your query does not return any results. Are you sure you entered the right combination, and you inserted the password correctly in the first place?

yes sir..I inserted the password correctly..

Echo the generated query and run it in phpMyAdmin, does it return a result?

There is still an error sir..

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"
        ."WHERE `username`='".$_POST["username"]."' "
        ."AND `passwor' at line 1 

Sir, I edited the query..I used this

SELECT * FROM `register` 
        WHERE `username`='".$_POST["username"]."' 
        AND `password`='".$_POST["password"]."' 
        LIMIT 1

But now the error is "Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\jan\Index.php:6) in C:\xampp\htdocs\jan\Index.php on line ***"

In my queries I never use username='"'.$value.'"' I always go

username='$username'

try that, works for me!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.