I made a simple Login Form there are some errors in the code I guess.
Everything is working fine but I'm struggling with the MySQL(mysqli) Query part.
But here is my code first:
<?php
session_start();
if(isset($_SESSION['acuser']))
{
redirectpage();
}
else
{
if($_POST)
{
if(isset($_POST['button']) && ($_POST['username']) && ($_POST['password']))
{
$db = 'datenbank';
$dbuser = 'root';
$dbpass = '';
$dbhost = 'localhost';
$connection = mysqli_connect($dbhost,$dbuser,$dbpass);
$selection = mysqli_select_db($connection,$db);
$username = mysqli_real_escape_string($connection,(htmlspecialchars($_POST['password'])));
$password = mysqli_real_escape_string($connection, (htmlspecialchars($_POST['password'])));
$password = md5($password);
if($connection)
{
if($selection)
{
$queryuser = "SELECT * FROM main WHERE Username = '$username'";
$result = mysqli_query($connection, $queryuser);
$checkuser = mysqli_num_rows($result);
if($checkuser)
{
$querypass = "SELECT * FROM main WHERE Username = '$username' AND Password ='$password'";
$resultpass = mysqli_query($connection,$querypass);
$checkpass = mysqli_num_rows($resultpass);
if($checkpass)
{
$data = mysqli_fetch_array ($resultpass);
$_SESSION["acID"] = $data["Id"];
$_SESSION["acUSERNAME"] = $data["Username"];
$_SESSION["acPASSWORD"] = $data["Password"];
$_SESSION["acEMAIL"] = $data["Email"];
}
// Some else stuff
?>
I guess there is something wrong with "mysqli_query()" and "mysqli_num_rows()"!
"Mysqli_num_rows()" can't handle the output of "mysqli_query()" somehow!
Maybe i will find an answer here