My first piece of PHP
Thought id see if theirs any errors In it before I uploaded.
Took a while because I keep getting errors in the PHP Pad I use


<?php session_start(): ?>
<html>
<head />
<body>

<form action='index.php?login=yes' method=POST>
Username: <input type=text name='user'><br />
Password: <input type=password name='pass'><br />
<input type=submit value='Go!'>
</form>

<?php

$user=$_POST['user'];
$pass=$_POST['pass'];
$login=$_GET['login'];

if ($login=='yes'){
$con=mysql_connect('192.168.0.4','test',);
mysql_select_db("login");

$get=mysql_query("SELECT count(id) FROM login WHERE user='$user' AND pass='$pass");
$results=mysql_result($get, 0);

mysql_close($con);

if ($result!=1) echo "Login failure!";
else{
echo "Login success!";
$_SESSION['user']=$user;
};
};

?>


</body>
</html>

Looks alright on the first sight, all I notice is:



pass='$pass"


shouldn't that be



pass='$pass'"


(forgot the last ' before the " )

EDIT= that is in this line:

$get=mysql_query("SELECT count(id) FROM login WHERE user='$user' AND pass='$pass");
$results=mysql_result($get, 0);

;4203271']Looks alright on the first sight, all I notice is:



pass='$pass"
shouldn't that be



pass='$pass'"
(forgot the last ' before the " )

EDIT= that is in this line:

$get=mysql_query("SELECT count(id) FROM login WHERE user='$user' AND pass='$pass");
$results=mysql_result($get, 0);

Yeh thanks Oh well not bad for my first little thing only missed a '

Just quickly edited it all for you! :D

<?php session_start(); ?>
<html>
<head>
</head>
<body>

<form action="index.php?login=yes" method=POST>
Username: <input type=text name="user"><br />
Password: <input type=password name="pass"><br />
<input type=submit value="Go!">
</form>

<?php

$user = $_POST["user"];
$pass = $_POST["pass"];
$login = $_GET["login"];

if ($login == "yes")
{

$con = mysql_connect("192.168.0.4","test");
mysql_select_db("login");

$get = mysql_query("SELECT count(id) FROM login WHERE user='" . $user . "' AND pass='" . $pass . "'");
$results = mysql_result($get, 0);

mysql_close($con);

if ($results != 1)
{

echo "Login failure!";

}

else
{

echo "Login success!";
$_SESSION["user"] =$user;

}

}

?>


</body>
</html>I think that should work.

I edited:

<?php session_start(): ?> to
<?php session_start(); ?>
$con=mysql_connect('192.168.0.4','test',);to
$con = mysql_connect("192.168.0.4", "test");
$get=mysql_query("SELECT count(id) FROM login WHERE user='$user' AND pass='$pass");to
$get = mysql_query("SELECT count(id) FROM login WHERE user='" . $user . "' AND pass='" . $pass . "'");
if ($result!=1) echo "Login failure!";to
if ($results != 1)
{

echo "Login failure!";

}I also changed the ''s to ""s :), makes me happier.

Lol at Frog!

It all looks complicated, so I say you've done it right!

I've taken what Frog did and added some room for errors if they are returned, in other words say something fails (like connecting to the database) then it wont just give you a weird error, it will tell you something.

I've also added a "hidden" field so that if the user just happens to navigate to "index.php?login=yes" unknowingly then it wont try and log them in. Also, you forgot some quotes in your HTML form so I added them :)


<?php session_start(); ?>
<html>
<head>
</head>
<body>

<form action="index.php?login=yes" method="post">
Username: <input type="text" name="user" /><br />
Password: <input type="password" name="pass" /><br />
<input type="hidden" name="loginactually" value="yes" />
<input type="submit" value="Go!" />
</form>

<?php

$user = $_POST["user"];
$pass = $_POST["pass"];
$login = $_GET["login"];
$submitted = $_POST['loginactually'];

if ($login == "yes"&&$submitted == "yes")
{

if(mysql_connect("192.168.0.4", "test"))
{
$con = mysql_connect("192.168.0.4", "test")
$connected = "yes";
if(mysql_select_db("login"))
{
mysql_select_db("login");
$selected = "yes";
}else{
echo "Could not select database!<br/>";
echo "Message from MySQL server: ";
echo mysql_error();
}
}else{
echo "Could not connect to MySQL server.";
echo "Message from MySQL server: ";
echo mysql_error();
}

if($connected == "yes"&&$selected == "yes"){
if($get = mysql_query("SELECT count(id) FROM login WHERE user='" . $user . "' AND pass='" . $pass . "'"))
{
if($results = mysql_result($get, 0))
{
}else{
echo "Could not get result.<br/>";
echo "Message from MySQL server: "
echo mysql_error();
}
}else{
echo "Bad query.<br/>";
echo "Message from MySQL server: ";
echo mysql_error();
}

mysql_close($con);

if ($results != 1)
{

echo "Login failure!";

}

else
{

echo "Login success!";
$_SESSION["user"] = $user;

}

}

?>


</body>
</html>

:)