When i go to login using the RIGHT information it just goes through the check.php script and tells me that it is 'wrong username or password', is it the code ?
Here is the code :
<?php
// Connect to server and select databse.
$connect = mysql_connect("", "","")or die("cannot connect");
mysql_select_db("")or die("cannot select DB");
// username and password sent from form
$username = $POST['username'];
$password = $POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes(username);
$password = stripslashes(password);
$username = mysql_real_escape_string(username);
$password = mysql_real_escape_string(password);
$query = mysql_query("SELECT * FROM users WHERE username='$username' and password='$password'");
// Mysql_num_row is counting table row
$numrows = mysql_num_rows($query);
// If result matched $username and $password, table row must be 1 row
if($numrows==1){
header("location:..\login session\main.php");
}
else {
echo "Wrong Username or Password";
}
?>
