THe following code is failing to authenticate.
Here's the code:
session_start(); // start session.
include_once ("sql_layer.php");
include_once("functions.php");
include_once("common.php");
<!-- header tags, edit to match your own, or include template header file. -->
<html>
<head>
<title>Login</title>
<head>
<body>
if(!isset($_SESSION['email']) | !isset($_SESSION['pwd'])) {
// escape from php mode.
<form action="
=$PHP_SELF
" method="POST">
<p align="center">Members only. Please login to access this document.</p>
<table align="center" border="0">
<tr>
<th>
Username:
</th>
<th>
<input type="text" name="email">
</th>
</tr>
<tr>
<th>
Password:
</th>
<th>
<input type="password" name="pwd">
</th>
</tr>
<tr>
<th colspan="2" align="right">
<input type="submit" value="Login">
</form>
</th>
</tr>
</table>
</body>
</html>
exit();
}
// If all is well so far.
session_register("email");
session_register("pwd"); // register username and password as session variables.
// Here you would check the supplied username and password against your database to see if they exist.
// For example, a MySQL Query, your method may differ.
dbConnect ('crc');
$result = sql_query("SELECT * FROM tblusers WHERE emailaddress = '$email' and password = md5('$pwd')");
$row= sql_fetch_array($result);
$numrows = sql_num_rows($result);
if($numrows != "0" & $pwd == $row['password']) {
$valid_user = 1;
}
else {
$valid_user = 0;
}
// If the email exists and pass is correct, don't pop up the login code again.
// If info can't be found or verified....
if (!($valid_user))
{
session_unset(); // Unset session variables.
session_destroy(); // End Session we created earlier.
// escape from php mode.
<form action="<?=$PHP_SELF?>" method="POST">
<p align="center">Incorrect login information, please try again. You must login to access this document.</p>
<?php echo $POST['email']; ?>
<br>
<?php echo $POST['pwd']; ?>
<br>
<table align="center" border="0">
<tr>
<th>
Username:
</th>
<th>
<input type="text" name="email">
</th>
</tr>
<tr>
<th>
Password:
</th>
<th>
<input type="password" name="pwd">
</th>
</tr>
<tr>
<th colspan="2" align="right">
<input type="submit" value="Login">
</form>
</th>
</tr>
</table>
</body>
</html>
exit();
}
I have echoed the username, password and the query and all are correct. I am getting no errors. I ran a query using MYSQLStudio and I was got results.
Any sugesstions?
