I have mySQL v.5.3 I think... I cannot figure out what is going on. Ive searched high and low and cant find an answer as to why i keep getting a syntax error.
Heres the error I keep getting.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users' WHERE 'username' = 'fffff'' at line 1
Here is the script
<?php
include "header.php";
if($session_name){
echo "You are already logged in!\n";
}else{
if(!$_POST['submit']){
echo "<table border=0 cellspacing=3 cellpadding=3>\n";
echo "<form name=\"login\" method=\"post\" action=\"login.php\">\n";
echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n";
echo "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n";
echo "<tr><td colspan=2 align=right><input type=\"submit\" name=\"submit\"value=\"login\"></td></tr>\n";
echo "</form></table>\n";
}else{
$user = $_POST['username'];
$pass = $_POST['password'];
if($user && $pass){
$sql = "SELECT * FROM 'users' WHERE 'username' = '$user'";
$res = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($res) == 0){
$epass = md5($pass);
$sql2 = "SELECT * FROM 'users' WHERE 'username' = '$user' AND 'password' = '$epass'";
$res2 = mysql_query($sql2) or die(mysql_error());
if(mysql_num_rows($res2) == 0){
//success
$row = mysql_fetch_assoc($res2);
$_SESSION['uid'] = $row['id'];
echo "You have successfully logged in as <b>$user</b>, please click any link to continue!\n";
}else {
echo "username and password combination are incorrect!\n";
}
}else {
echo "The username you supplied does not exist in out database!\n";
}
}else {
echo "You did not supply all the valid feilds\n";
}
}
}
include "footer.php";
?>
Heres were I think my problem is
if($user && $pass){
$sql = "SELECT * FROM 'users' WHERE 'username' = '$user'";
$res = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($res) == 0){
$epass = md5($pass);
$sql2 = "SELECT * FROM 'users' WHERE 'username' = '$user' AND 'password' = '$epass'";
I need some help on this one. Thanks in advanced