This script I made won't show any threads from my thread table (there's one) and it rejects every correct username and password I give it. What is the problem?
<?
$connect = mysql_connect("localhost", "levxnet_icd", "aerostar") or die("Could not connect to server");
mysql_select_db("levxnet_accounts", $connect);
include('functions.inc');
//Count the number of threads and pages
$countrows = mysql_query("SELECT * FROM topics WHERE forum='$forum'", $connect);
$numtopics = mysql_num_rows($countrows);
$numpages = ($numtopics / 20)-($numtopics % 20);
if($numpages < 1)
{
$numpages = 1;
}
$numlast = $numtopics % 20;
if($numlast == 0)
{
$numpages = 1;
}
//Which topics to display
if($page != 1 && numtopics > 20)
{
$last = (20 $page) - 20;
$first = 20 $page;
}
if($page == 1 && numtopics > 20)
{
$last = 1;
$first = (20 * $page) - $numlast;
}
if(numtopics <=20)
{
$last = 1;
$first = $numtopics;
}
?>
<CENTER>
<TABLE>
<?
//List the topics
if($addpost == "no" || !$addpost)
{
for($count=$first; count>=$last; $count--)
{
echo "<TR>";
$whatever=mysql_query("SELECT FROM posts WHERE thread='$thread[title]'", $connect);
$numposts=mysql_num_rows($whatever);
$sql3=mysql_query("SELECT FROM topics WHERE number='$count'", $connect);
$thread=mysql_fetch_row($sql3);
$whatever=mysql_query("SELECT * FROM posts WHERE thread='$thread[title]'", $connect);
$numposts=mysql_num_rows($whatever);
echo "<TD WIDTH='30%'><A HREF='http://forum.levx.net/postview.php?thread=".$thread[title]."&page=1&addpost=no&forum=".$forum.">".$thread[title]."</A></TD><TD WIDTH='15%'>".$thread[user]."</TD><TD WIDTH='5%'>".$numposts."</TD><TD WIDTH='50%'>".dconvert($thread[date])."</TD>";
}
//Form Input HTML
echo "<BR><BR>";
echo "<FORM METHOD='POST' ACTION=".$PHP_SELF.">";
echo "<INPUT TYPE='HIDDEN' NAME='addpost' VALUE='yes'>";
echo "<INPUT TYPE='HIDDEN' NAME='forum' VALUE='".$forum."'>";
echo "Username : <INPUT TYPE='TEXT' NAME='username'><BR>";
echo "Password : <INPUT TYPE='PASSWORD' NAME='password'><BR>";
echo "<BR>Topic : <INPUT TYPE='TEXT' NAME='topic'><BR><BR>";
echo "Place message here : <BR><TEXTAREA NAME='text' ROWS=6 COLS=60></text><BR>";
echo "<INPUT TYPE='SUBMIT' VALUE='send'><BR>";
echo "</FORM><CENTER>";
for($count=$numpages; $count>=1; $count--)
{
echo "<A HREF='http://forum.levx.net/topicview.php?forum=".$forum."&page=".$count."&addpost=no'>".$count."</A> ";
}
echo "<BR><A HREF='http://forum.levx.net/index.php'>LX Forums</A><BR>";
}
if($addpost == "yes")
{
$member = mysql_query("SELECT * FROM users WHERE username='$username'", $connect);
$allow = mysql_fetch_row($member);
if($password == $allow[password] && $username == $allow[username])
{
$newpost = $numtopics + 1;
$forum = mysql_query("SELECT forum FROM topics WHERE title='$thread'", $connect);
echo "<H1>Thanks for posting, ".$username."!<BR><BR>Returning to forum,...</H1>";
echo "<FORM METHOD='LINK' ACTION='".$PHP_SELF."'><INPUT TYPE='HIDDEN' NAME='forum' VALUE='".$forum."'>";
echo "<INPUT TYPE='SUBMIT' VALUE='Back'></FORM>";
mysql_query("INSERT INTO topics VALUES ($newpost, '$topic', '$username', 'datetime()', '$forum')", $connect);
mysql_query("INSERT INTO posts VALUES ('$username', '$topic', '$text', 'datetime()', $newpost)", $connect);
}
if($password != $allow[password] || $username != $allow[username])
{
echo "<H1>Oh, you dirty little hacker! WRONG PASSWORD/USERNAME!!! (it was probably just a typo =P )";
echo "<BR><FORM METHOD='LINK' ACTION='http://forum.levx.net/topicview.php?forum=".$forum."&page=".$numpages."'><INPUT TYPE='SUBMIT' VALUE='Back'></FORM><BR>";
echo "<BR><BR>Result/username=".$allow[username]."<BR>Result/password=".$allow[password]."<BR>Entered Username=".$username."<BR>Entered password=".$password;
}
}
?>
