Hi,
I've spent forever trying to figure out what's wrong with this little bit of code. I suspect it is dying at
$result = mysql_query($link, $sql_result)or die(mysql_error($link));
but I can't see why.
Sorry to ask such an elementary question--but i'm stuck.
Bob
<?php
//check for required fields from the form
if ((!isset($POST["username"])) || (!isset($POST["password"]))) {
header("Location: userlogin.html");
exit;
}
//connect to server and select database (removed for obvious reasons)
$link = mysql_connect(etc);
//create and issue the query
$sql_result = "SELECT last, first FROM Dad_Profile WHERE
username = '".$POST["username"]."' AND
password = PASSWORD('".$POST["password"]."')";
$result = mysql_query($link, $sql_result)or die(mysql_error($link));
//get the number of rows in the result set; should be 1 if a match
if (mysql_num_rows($result) == 1) {
//if authorized, get the values of f_name l_name
while ($info = mysql_fetch_array($result)) {
$f_name = stripslashes($info['first']);
$l_name = stripslashes($info['last']);
}
//set authorization cookie
setcookie("auth", "1", 0, "/", "mywebsite.com", 0);
//create display string
$display_block = "
<p>".$f_name." ".$l_name." is authorized!</p>
<p>Authorized Users' Menu:</p>
<ul>
<li><a href=\"nextpage.php\">next page</a></li>
</ul>";
} else {
//redirect back to login form if not authorized
header("Location: userlogin.html");
exit;
}
echo "<br/> end of script";
?>
<html>
<head>
<title>User Login</title>
</head>
<body>
<?php echo "$display_block"; ?>
</body>
</html>
