What ever I type in the loginboxes, it accepts it as a successful login I simply cannot resolve this error... Am am very new to php, but hopefully I'll get this to work.
<?php
session_start();
include_once "inc/connect.php";
if($_POST['login']){
include_once("inc/connect.php");
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysqli_real_escape_string($username);
$password = mysqli_real_escape_string($password);
$password = md5($password);
$sql = "SELECT * FROM users WHERE username='$username' LIMIT 1";
$query = mysqli_query($db, $sql);
$row = mysqli_fetch_array($query);
$id = $row['id'];
$db_password = $row['password'];
if($password == $db_password) {
$_SESSION['username'] = $username;
$_SESSION['id'] = $id;
header("Location: board.php");
} else {
echo "you didn't enter the corret detail";
}
}
?>
Aucun commentaire:
Enregistrer un commentaire