(Obfuscated DB login credentials -- MOD)
<?php
$host="localhost"; // Host name
$username="*******"; // Mysql username
$password="*******"; // Mysql password
$db_name="*******"; // Database name
$tbl_name="user_info"; // Table name
// Connect to server and select databse.
mysql_connect("localhost","eaglecr8_donovan","eaglecrest")or die("cannot connect");
mysql_select_db("eaglecr8_eaglecrestjobpost")or die("cannot select DB");
// username and password sent from form
$username=$_POST['username'];
$password=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM user_info WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "loginsuccess.php"
session_register("username");
session_register("password");
header("location:loginsuccess.php");
}
else {
echo "Wrong Username or Password";
}
?>
Not sure what's wrong it's returning Wrong User name or Password
