<?php // Include the database connection file. include("connection.php"); // username and password sent from form $username=$_POST['myusername']; $password=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql=$query = "select * from users where f_name = ".$username ." AND p_wrd = ".$password." "; $result=mysql_query($sql); //Count results $rowNo = mysql_num_rows($result); if ($rowNo =1){ // Register $myusername, $mypassword session_register("myusername"); session_register("mypassword"); } else { echo "Wrong Username or Password"; } ?> This was working before, I am not sure why it is not working anymore?
Also, I'd recommend to add a @ sign in front of mysql_num_rows to avoid errors in case the table is empty or returned zero results: $rowNo = @mysql_num_rows($result); PHP:
also you may want to trim the white space from the passwords: Just a tip. also this is wrong: just: would dso the jobby Graham
Replace $result=mysql_query($sql); Code (markup): With $result=mysql_query($sql); if($result === false) { die(mysql_error()); } Code (markup): Then try it and it should display an error What is that error ?