abdulv
asked on
User Login Script
I am trying to create a login script using three fields. I have tried the following code, but I keep getting "Login failure..".
I have two user record in my database and I am sure it keep grabbing the last one. Does anyone have any ideas where I am going wrong?
Also, if anyone could give me some ideas on making this script a little secure for commercial purposes.
I have two user record in my database and I am sure it keep grabbing the last one. Does anyone have any ideas where I am going wrong?
Also, if anyone could give me some ideas on making this script a little secure for commercial purposes.
<?php
@include("includes/connect.php");
if ($_POST['submit'])
{
$account= $_POST[account];
$username = $_POST[username];
$password = $_POST[pass];
if ($account && $username && $password)
{
$query = mysql_query("SELECT * FROM users WHERE account='$account'");
while ($getrows = mysql_fetch_assoc($query))
{
$dbaccount = $getrows['account'];
$dbusername = $getrows['user_login'];
$dbpassword = $getrows['password'];
}
if (($account == $dbaccount) && ($username == $dbusername) && ($password == $dbpassword))
{
echo "Login Successful";
}
else
{
echo $dbaccount;
echo $dbusername;
echo $dbpassword;
echo "Login failure..";
}
}
else
{
die("Please ensure all field are completed for login");
}
}
?>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.