0

I am trying to make a simple php and sql login form, but it is not working

Can anyone help me to fix my code?

<form  method="post" action="form.php">
    Username <input type="text" name="username"><br>
    Password <input type="password" name="password">
    <br>
    <input type="submit" name="submit" value="submit">
</form>


<?php
if (isset($_POST['submit'])) {

    $username = $_POST['username'];
    $password = $_POST['password'];
    $con = mysql_connect("localhost", "root", "");
    mysql_select_db($con, "formcolumn");
    $sql = mysql_query("select * from data1_table where username='$username' and password='$password' ");
    $row = mysql_fetch_array($sql);
    $uname = $row['username'];
    $pass = $row['password'];
    if ($username == $uname && $password == $pass) {
        header("Location: main.php");
    } else {
        echo "invalid username and password ";
    }
}
?>
Improve this question
8
  • 1
    what error are you getting ? Commented Dec 27, 2013 at 13:02
  • Your script is vulnerable to SQL injections. You should learn how to prevent them. Commented Dec 27, 2013 at 13:03
  • 3
    "it is not not working" is not an acceptable error description. Commented Dec 27, 2013 at 13:03
  • where do you get error and what error do you get please explain Commented Dec 27, 2013 at 13:03
  • Once you've fixed the problem please consider that there's no point in checking username and password equal the values that you used to select the row. Commented Dec 27, 2013 at 13:03

2 Answers 2

Reset to default
1

Replace mysql_select_db($con, "formcolumn"); with mysql_select_db("formcolumn",$con); where formcolumn is your Database name

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thanks bro still getting 1 warning Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\php\zz\m\form.php on line 19
0

Interchange the positions of your parameters in your mysql_select_db function bass the name of your database first then pass the connection. You must remember this is a predefined function and it is defined to accept parameters in a certain order therefore it expects that the first parameter passed to the function is going to be the database name.

You should have 

mysql_select_db("formcolumn",$con);

also why not try something along the lines of this:

$sql = "select * from data1_table where username='$username' and password='$password'";
$result = mysql_query($sql,$con);
$row= mysql_fetch_assoc($result);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.