ok, the extra ) was my fault, sorry about that.
You need to put the $_POST stuff on the admin_login.php page, not the login.php page. It RETRIEVES the data, it doesn't send data... see what I mean?
So:
1) Get rid of the PHP stuff in your HTML form, unless you're planning to use a cookie to add their username to the VALUE field for username, there's no point.
2) Remove any other PHP code you added to the login.php form due to this thread.
3) On admin_login.php (the target, aka, ACTION, for your login form) make it look like this:
<?
include('connect.php');
function get_data_by_method($method_hash,$element){
foreach ($method_hash as $key => $value) {
if($key == $element){return $value; }
}
return "";
}
$user = get_data_by_method($_POST,"username");
$pass = md5(get_data_by_method($_POST,"password"));
$sql = "SELECT username,password FROM admin WHERE username='".$user."' and password='".$pass)."';";
$results = mysql_fetch_array(mysql_query($sql));
if(!isset($db_user)){$db_user = false;}
if(!isset($db_pass)){$db_pass = false;}
foreach($results as $field => $value){
if($field == "username"){$db_user = $value; }
if($field == "password"){$db_pass = $value; }
}
if(!$db_user || !$db_pass){ echo "couldnt get informtion"; }
else{
if($db_user == $user && $db_pass == $pass){
setcookie("admin",$userid,time() + 3600);
echo "Welcome Admin - You have Admin Access <a href=admin.php>click here to continue</a>";
}
else{ echo "You do not have permission to access this area, sorry <a href=login.php>click here to go back</a>"; }
}
?>
-
-
-
- <?
-
- include('connect.php');
-
-
-
- function get_data_by_method($method_hash,$element){
-
- foreach ($method_hash as $key => $value) {
-
- if($key == $element){return $value; }
-
- }
-
- return "";
-
- }
-
-
-
-
-
- $user = get_data_by_method($_POST,"username");
-
- $pass = md5(get_data_by_method($_POST,"password"));
-
-
-
-
-
- $sql = "SELECT username,password FROM admin WHERE username='".$user."' and password='".$pass)."';";
-
- $results = mysql_fetch_array(mysql_query($sql));
-
-
-
- if(!isset($db_user)){$db_user = false;}
-
- if(!isset($db_pass)){$db_pass = false;}
-
-
-
- foreach($results as $field => $value){
-
- if($field == "username"){$db_user = $value; }
-
- if($field == "password"){$db_pass = $value; }
-
- }
-
-
-
- if(!$db_user || !$db_pass){ echo "couldnt get informtion"; }
-
- else{
-
- if($db_user == $user && $db_pass == $pass){
-
- setcookie("admin",$userid,time() + 3600);
-
- echo "Welcome Admin - You have Admin Access <a href=admin.php>click here to continue</a>";
-
- }
-
- else{ echo "You do not have permission to access this area, sorry <a href=login.php>click here to go back</a>"; }
-
- }
-
- ?>
-
-
Let me know if that works
.c
*EDIT: Changed function name to work for ANY collectoin hash, not just post....