why doesn't my code work?

JiX

I've been trying to get my code work for a while now and I'm getting quite frustrated. I'm trying to make a login page that checks the logger's ids from mysql database. here's the code of the login form:

<html>

<body>

<form action="login.php" method="POST">
Your e-mail: <input type=text name="e_mail">
<br>
Your password: <input type=password name="password">
<br>
<input type="submit" value="Login" name="login">
</form>

</body>
</html>

and here's the code of the 'login.php':

<html>

<body>

<?php

if (empty($POST['e_mail']) || empty($POST['password']))
{
echo "Error!!!";
}
else
{
$user=$POST['e_mail'];
$pass=$POST['password'];

$db = mysql_connect("localhost");
mysql_select_db("affiliatedb", $db);
$result = mysql_query("SELECT * FROM affiliates WHERE email = '$user' AND password = '$pass'", $db);

if ($result > 0)
{
echo "do something...";
}
else
{
echo "error: wrong e-mail/password";
}

mysql_close();
}

</body>
</html>

but every time I try to run the program, the $result is greater than 0 no matter what I write in the login form.

the database variables 'email' and 'password' are varchar...

So what is wrong, is it me or what?

Thanks for your time

hkucsis

try this

if (mysql_num_rows($result) > 0)

khaldryck

that's because even if your query doesn't retrieve anything, it succeeded and so the $result is not empty
what you need to do is either :

if(mysql_num_rows($result)>0) { do something ]
else {echo "error"; }

this will jsut tell you there is someone with that email and password, but you can't do anything else until you fetch the result
if you need it do this instead :

if($arr=mysql_fetch_array($result)) {
do something ... 
$id=$arr["id"]; // this will get the id of the user to put in a session for exemple
} else { 
echo "error";
}

i often use the second option.

JiX

hey, thanks alot both of you, that worked 🙂

lol I feel like a real dumbass, o well, I just started php yesterday 🙂

but thanks anyway for your help 😃