Hi all, it's been a while.
I'm trying to figure out how to write a simple user login system and I've got it for the most part, my only problem is I can't figure out how to construct my sql statement to allow logins from every user in the db.
From what I have so far, only the very first user is able to login, all the rest of the users get a username/password failure. I think my problem is I need to iterate through the whole database or something along those lines but I haven't much of a clue how I could do that.
Here's my code:
$query = "SELECT * FROM users";
$result = @($query);
while ($row = mysql_fetch_assoc($result)){
$USER = $row[userName];
$PASS = $row[password];
//Username Stored for logging
define("USER", "$USER");
// Password Stored
define("PASS", "$PASS");
}
// Normal user section - Not logged ------
if(isset($REQUEST['username']) && isset($REQUEST['password']))
{
// Section for logging process -----------
$user = trim($REQUEST['username']);
$pass = trim($REQUEST['password']);
if($user == USER && $pass = PASS)
{
// Successful login ------------------
// Setting Session
$_SESSION['user'] = USER;
// Redirecting to the logged page.
header("Location: index.php?content=admin");
}
else
{
// Wrong username or Password error
echo "Wrong username or password please try again";
}
}
}
Thanks
