I have all passwords stored in my database in md5 form.
when people log in it always says Email or Password wrong, well thats the error i added when something's wrong, I am pretty sure the email and password are right.
here is my login code:
$emailin=$_POST['emailin'];
$passwordin= md5($_POST['passwordin']);
// To protect MySQL injection
$emailin = stripslashes($emailin);
$passwordin = stripslashes($passwordin);
$emailin = mysql_real_escape_string($emailin);
$passwordin = mysql_real_escape_string($passwordin);
$sql="SELECT * FROM users WHERE email='$emailin' and password='$passwordin'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
if(mysql_num_rows($result) > 0){
$data = mysql_fetch_array($result);
$_SESSION['id'] = $data['id'];
$_SESSION['email'] = $data['email'];
header("location:profile.php");
} else {
echo "Wrong Emaail or Password";
}