Okay so as you will probably be able to tell but, I am pretty new to MySQL and PHP and I have ran into a problem.. In my connect.php, which connects to the server, I don't know if my password and username along with the port are right. Now the reason it says port 8080 is because one of my other web development programs was using port 80 so I went in to the Apache files and changed to port, so now when I log into phpMyAdmin I have to type localhost:8080. I don't know if that has to do with mysql_connect, also I checked on phpMyAdmin and it says my username is root and my password is empty. Does the empty password mess with MySQL_connect()? Thanks, here's the code:
connect.php:
<?php
//This file allows me to easily connect to my database
mysql_connect("localhost:8080", "root", "");//connects to database, params are ("servername", "username", "password");
mysql_select_db("membersystem");//selects the table from db
?>
login.php:
<?php
error_reporting (E_ALL ^ E_NOTICE);//saves us from getting undefined index error
session_start();//makes it a sesion based system
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login</title>
</head>
<body>
<!--the action='./login.php' tells the page where its gonna send the info, and the method='post' makes it so it dosent show the users personal info -->
<?php
$form = "<form action='./login.php' method='post'>
<table>
<tr>
<td>Username</td>
<td><input type='text' name='user'/></td>
</tr>
<tr>
<td>Password</td>
<td><input type='password' name='password'/></td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='loginbtn' value='Login'/></td>
</tr>
</table>
</form>";
if($_POST['loginbtn']){//if loginbtn pressed
$user = $_POST['user'];//gets the username from text field from the form above
$password = $_POST['password'];//gets the password from text field from the form above
if($user){//checks if the username field from the form has been filled out
if($password){//checks if the password field from the form has been filled out
require("connect.php");//connects to db through connect.php
$password = md5(md5("gshgrYY665f".$password."gr76TH967G"));//encrypts the password
//echo "$password"; echos the hash for password (5f8b1a8d8f2471a2c7c17e0058873447 )
$query = mysql_query("SELECT * FROM users WHERE username='$user' ");//checks if the username is found in database
$numrows = mysql_num_rows($query);
if($numrows == 1){
$row = mysql_fetch_assoc($query);//gets the query associated with the php
$dbid = $row['id'];//gets the id from db
$dbuser = $row['username'];//gets the username from db
$dbpass = $row['password'];//gets the password from db
$dbactive= $row['active'];//gets the active value from db
if($password == $dbpass){
if($dbactive == 1){
//sets session info
$_SESSION['userid'] = $dbid;
$_SESSION['username'] = $dbuser;
echo "you have been logged in as <b>$dbuser</b>. <a href='./member.php'>Click here</a> to go to member page";
}
else
echo "You must activate your account to login. $form";
}
else
echo "You didnt enter the right pass. $form";
}
else
echo "The username you entered was not found. $form";
mysql_close();//closes connection
}
else
echo "You must enter your password. $form";
}
else
echo "You must enter your username. $form";
}
else
echo $form;
?>
</body>
</html>
