@Victor from my understanding, $u_id is just a variable. Correct me if i am wrong but I think I can call it anything as long as I am consistent with its use.@Peter and Kennedy I had been using that and all I got was a blank page although the address bar showed it had moved to my php file.On Wed, Apr 24, 2013 at 2:59 PM, Kennedy Kairu Kariuki <kkairu@gmail.com> wrote:
True Peter. Also the other parts where you are doing comparison and not assignment.On Wed, Apr 24, 2013 at 2:56 PM, Peter Karunyu <pkarunyu@gmail.com> wrote:
I suspect it's line 18 where you state thus:if($numrows=1){I reckon you wanted to say:if($numrows == 1){
Peter KarunyuOn Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com> wrote:
How do you assign username an id??On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati <nduatiandrew@gmail.com> wrote:
_______________________________________________Afternoon people, I urgently need someone to look at my code below and tell my why:1. The wrong credentials allow one access.2. Only the dealers page is opening even after selecting user or admin portals.Looking forward to helpful feedback thanks.THE CODE:<?php$portal=$_POST['portal'];$u_id=$_POST['uname'];$pwd=$_POST['upass'];//my sql part$host="localhost";$dbuser="root";$dbpass="";//connect to the database$conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error());mysql_select_db('cars') or exit("Database not found");//The Query$strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'";$result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error());//logic test$numrows=mysql_num_rows($result);//error below hereif($numrows=1){/*echo "success";echo "Name:".$u_id."</br>";*///user accessif ($portal="user"){header("Location:upload.html");}else{echo "login error";return false;}//dealer access even with wrong credentials this is openedif ($portal="dealer"){header ("Location:select.html");}//administrator accesselseif ($portal="admin"){header ("Location : login.html");}}else{echo" Login Failed";echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>";}?>
skunkworks mailing list
skunkworks@lists.my.co.ke
------------
List info, subscribe/unsubscribe
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke
--Regards,
Yegon Victor | Web Specialist/Internet Consultant |
_______________________________________________
skunkworks mailing list
skunkworks@lists.my.co.ke
------------
List info, subscribe/unsubscribe
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke--
Regards,
-------------------
_______________________________________________
skunkworks mailing list
skunkworks@lists.my.co.ke
------------
List info, subscribe/unsubscribe
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke
_______________________________________________
skunkworks mailing list
skunkworks@lists.my.co.ke
------------
List info, subscribe/unsubscribe
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke