<?php
session_start();

$username = $_POST['username'];
$password = $_POST['password'];

Notice: Use of undefined constant username - assumed 'username' 

if (username&&password)

<?php
session_start();

$username = $_POST['username'];
$password = $_POST['password'];

if (username&&password)
{

$link =  mysqli_connect("localhost","root","","phplogin") or die("Error " . 

mysqli_error($link)); 


mysql_select_db("phplogin" , $link);

$result = mysql_query("SELECT * FROM username" , $link);
$num_rows = mysql_num_rows($result);


}
?>

Line 7: change it to (add the $ sign):

if ($username && $password)

Hopefully you use prepared statements or do some sanitizing of input variables before using them in queries/urls/html/mail/script.

Thanks that helped but now i have just 1 more issue

Parse error: syntax error, unexpected '}' in C:\wamp\www\rdn\login.php on line 19

Member Avatar for diafol

ANother thing:

mysql_select_db("phplogin" , $link);

You seem to be creating a connection via mysqli but then you ref via deprecated mysql_* functions. It's all jumbled up.

Also the query

SELECT * FROM username 

looks suspicious. Usually it looks like:

"SELECT * FROM users WHERE username='" . mysqli_real_escape_string($username) . "' AND password='" . yourHashFunction($password) . "'";

Regarding the parse error you are getting, first correct the code as per diafol's post and then if you still get the error post the whole script.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.