----Query was empty---
at
---$sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
$result=@mysql_query($sql) or die(mysql_error()); ---
<html>
<body>
<form action="login.php" method="post">
<div>
<table width="100%">
<tr>
<td><img src="Logofinalcopy.gif"></td>
</tr>
<tr>
<td bgcolor="aqua"><h2>Login</h2></td>
</tr></table>
<table align="right" style="width:40%">
<br>
<tr>
<td>username:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>password:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td align="CENTER" COLSPAN="4">
<input TYPE="SUBMIT" name="submit" value="Login">
<input TYPE="reset" name="submit" value="clear"></td>
</tr>
</table>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
$con = @mysql_connect("10.70.1.50","invensis","invensis");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
$con_db=@mysql_select_db("database_myproject",$con);
if (!$con)
{
die('Could not connect DB: ' . mysql_error());
}
$username=$_POST['username'];
$password=$_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$flag="OK";
$msg="";
if(strlen($username) < 1)
{
$msg=$msg."Please enter the username<br>";
$flag="NOTOK";
}
if(strlen($password) < 1)
{
$msg=$msg."Please enter the password<br>";
$flag="NOTOK";
}
if($flag <>"OK")
{
echo "<strong style='color:#FF3333'>"."<left >Please enter Username or Password </left>"."</strong>";
}
else
{
$sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
$result=@mysql_query($sql) or die(mysql_error());
$count= mysql_num_rows($result);
echo "$count";
if($count==1)
{
$sql = mysql_query("SELECT role FROM users WHERE username='$username' AND password='$password'");
while($info = @mysql_fetch_array($sql))
{
if($info['role']=='Super Admin')
{
@header('location: [url]http://localhost/Project/Superadmin.php');[/url]
}
else if($info['role']=='Admin')
{
@header('location: [url]http://localhost/Project/Admin.php');[/url]
}
else if($info['role']=='User')
{
@header("location: http://localhost/Project/User.php");
}
}
}
else
{
echo "<strong style='color:#FF3333'>Incorrect User Name OR Password</strong>";
}
}
}
?>
niths -1 Posting Whiz in Training
phpuser 1 Junior Poster in Training
scmsimplybest 0 Newbie Poster
phpuser 1 Junior Poster in Training
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.