----------------------------------------- sorry my mail reader didn't indent. comments in ---------- ---------------------------------------- I'm new to this. So I used a tutorial to write this. But it shows "Login ok. Welcome" at once when the page loads. Here is the tutorial: http://www.ss32.x10hosting.com/ss32/files/PHP-logins.pdf <?php include ("DBconnection"); session_start(); $err = 0; echo $err; //just to check. Shows 0 $sql_login = sprintf("SELECT 'name', 'pass' FROM DB ----------------------------- This is going to return name pass If you take the quotation marks away, you will select the actual field values ----------------------------- WHERE 'name'='%s' AND 'pass'='%s'", @$_GET['name'],@md5($_GET['pass'])); ----------------------------- Never send user input directly into the database. Read up on sql injection to find out why ----------------------------- $login = mysql_query($sql_login) or die(mysql_error()); if (mysql_num_rows($login) == 0) { $GLOBALS['MM_username'] == @$_GET['name']; echo $err; //just to check. Shows 0 session_register("MM_username"); echo $err; //just to check. Shows 0 $err = 1; } echo $err; //just to check. Shows 1 <!-- Form --> <?php if ($err != 1) { if ($err == 2) { ?> There was an error processing your login. <?php } ?> }else{ ?> Login ok. Welcome <?php echo "<meta http-equiv=Refresh content=3;url=1stpage.php>"; ---------------------------------------- you will end up here if $err==1 Since you set $err=1; just before the if block begins, this is as expected. You might find the section on if statements in the PHP manual has some useful examples which might make things clearer: http://uk2.php.net/if The tutorial you are following is a bit ropey to be honest if this is the dtandard of the code in it. ---------------------------------------- } ?> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
