I am attempting to get a simple account sign-in setup and functioning; However, when running my 'signIn' function I seem to keep hitting 'Unsuccessful login'.
I used the var_dump function trying to locate the problem, and saw that var_dump($row['username']); die;
was returning NULL. I feel that the problem might be originating from my mysql_query
or mysql_fetch_array
.
Any help is greatly appreciated.
<?php
$host = 'localhost';
$database = 'database_name';
$username = 'username';
$password = 'password';
// Create connection
$conn = mysql_connect($host, $username, $password);
// Check connection
if ($conn->connect_error) {
die('Connection failed: ' . $conn->connect_error);
}
echo 'Connected successfully. ';
mysql_select_db($database) or die('Unable to select database. ');
$signIn = $_POST['signIn'];
function signIn() {
// Start session
session_start();
// Variables
$ID = $_POST['username'];
$Password = $_POST['password'];
if (!empty($ID)) {
$query = mysql_query('SELECT * FROM `signin` WHERE username = "$ID" AND password = "$Password"');
$row = mysql_fetch_array($query, MYSQL_ASSOC);
// Troubleshooting
var_dump($row['username']); die;
if (!empty($row['username']) AND !empty($row['password'])) {
$_SESSION['username'] = $row['password'];
echo "Successful login. ";
} else {
echo "Unsuccessful login. ";
}
}
}
if(isset($signIn)) {
signIn();
}
?>
Below is a screenshot of the current database table structure.
The problem is variable interpolation:
mysql_query('SELECT * FROM `signin` WHERE username = "$ID" AND password = "$Password"');
single quotes will not expand $ID and $Password to their values in the query, you need to use double quotes:
mysql_query("SELECT * FROM `signin` WHERE username = '$ID' AND password = '$Password'");