Hello all. Trying to have a login/admin area on my site, here's the code for the login page that I have:
<?php
session_start();
// dBase file
include "conf.php";
if ($_GET["op"] == "login")
{
if (!$_POST["username"] || !$_POST["password"])
{
die("You need to supply a username and password.");
}
// Create query
$q = "SELECT * FROM `dbUsers` "
."WHERE `username`='".$_POST["username"]."' "
."AND `password`=PASSWORD('".$_POST["password"]."') "
."LIMIT 1";
// Run query
$r = mysql_query($q);
if ( $obj = @mysql_fetch_object($r) )
{
// Login O.K., create session variables
$_SESSION["valid_id"] = $obj->id;
$_SESSION["valid_user"] = $_POST["username"];
$_SESSION["valid_time"] = time();
// Redirect to member page
Header("Location: admin.php");
}
else
{
// Login not successful
die("Sorry, could not log you in. Wrong login information.");
}
}
else
{
echo "<form action=\"?op=login\" method=\"POST\">";
echo "Username: <input name=\"username\" size=\"15\"><br />";
echo "Password: <input name=\"password\" size=\"8\"><br />";
echo "<input type=\"submit\" value=\"Login\">";
echo "</form>";
}
?>
But when I try to login this is what happens:
Right Login and Right Password
It displays, "Sorry, could not log you in. Wrong login information." This is wrong, I am 100% I entered the correct password and username, actually tried it several times.
Right Login and Wrong Password
It displays, "Sorry, could not log you in. Wrong login information." like it should.
No Login or Password
It displays, "You need to supply a username and password.." like it should.
What did I do wrong?
