All: Sorry..... I forgot to write what's wrong....stupid me... Mike:1) I'm not sure how to indent the code... 2) I'm using Dreamweaver, but not to write the code for me. I'm not that lazy :). And that's not the way for me to learn. It's just rather annoying that all the tutorials I have tried seems to fail. How can I learn when I'm apparently given the wrong information. I am searching php.net <http://php.net> for the right code, but it can be rather overwhelming at some points.... Chris: No, it did not work before I made these changes. The way it should work: --------------------------------------- Register.php ------------------------- Sends the information from the form(guilduser_name and guilduser_pass) to the DB, encrypting the password with md5 encryption. This works as intended. No need for any security since am the only one with access to this. ---------------------------------------- Code for Register.php: ---------------------------------------- <html> <head> <title>HOoSRegisterpage for new membersHOoS</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link href="stylesheets/holyorder.css" rel="stylesheet" type="text/css"> </head> <body bgcolor="#000000"> <?php include ("connections/HOoStest.php"); if (isset($_POST["MM_insert"]) && $_POST["MM_insert"] == "reg") { $sql_reg = sprintf("INSERT INTO guildlogin (guilduser_name, guilduser_pass) VALUES ('%s', '%s')", $_POST['guilduser_name'], md5($_POST['guilduser_pass'])); $reg = mysql_query($sql_reg) or die(mysql_error()); } ?> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="200" align="center"><img src="guildimages/tabard.jpg" alt="pic1"></td> <td align="center"> <!--Mainlogo--> <img src="guildimages/main_logo.jpg" alt="logo"></td> <td width="200" align="center"><img src="guildimages/tabard.jpg" alt="pic1"></td> </tr> <tr> <td colspan="3" align="center"> <table> <form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> <tr> <td align="center" valign="middle" class="maintext"> New user:<input name="guilduser_name"> </td> </tr> <tr> <td align="center" valign="middle" class="maintext"> Password:<input name="guilduser_pass" type="password"><br> <input type="hidden" name="MM_insert" value="reg"> </td> </tr> <tr> <td align="center" valign="middle" class="maintext"> <input name="submit" type="image" src="guildimages/register_btn.jpg" value="update"> </td> </tr> </form> </table> </td> </tr> </table> </body> </html> ----------------------------------- Guildlogin.php ----------------------------------- This should create a session variable for the authentication, but it fails at some point. I have checked the sessiondata on my testserver, and that shows blank. So it's clear for me that I don't get the information saved in the variable $_SESSION. I don't get any sql errors, so I don't think that is the problem. But then again....it is my first script, and I could offcourse be wrong. I'm not sure where I should put the echo $sql; to check the query.Since the Guildlogin.php sends me directly to the error page at the end of execution. The script sends me to the loginerror.php even if the username and the password is correct. The point here is that this happens every time I press the button "login" in the form, regardless of the input in the form. -------------------- Code for Guildlogin.php: ---------------------- <?php include ("connections/HOoStest.php"); session_start(); if (@$_GET['guildaction'] == "login"); { $sql = "SELECT guilduser_name FROM guildlogin WHERE guilduser_name='$_POST[guilduser_name]'"; $result = mysql_query($sql) or die("Couldn't execute query."); $num = mysql_num_rows($result); if ($num ==1) //loginname found { $sql = "SELECT guilduser_name FROM guildlogin WHERE guilduser_name='$_POST[guilduser_name]' AND guilduser_pass=password('$_POST[guilduser_pass]')"; $result2 = mysql_query($sql) or die("Couldn't execute query 2."); $num2 = mysql_num_rows($result2); if ($num2 > 0) //password is correct { $_SESSION['auth']="yes"; $logname=$_POST['guilduser_name']; $_SESSION['logname'] = $logname; header("Location: HolyOrder1.php"); exit(); } else //password is not correct { unset($guildaction); $message="Login not correct"; header("Location: Guildloginerror.php"); } } elseif ($num == 0) // Wrong name. Name not in db { unset($guildaction); $message="Login failed"; header("Location: Guildloginerror.php"); } } ?> ------------------------------------------- The form: ------------------------------------------- I don't feel it's nessesary to explain this... ------------------------------------------- Code for loginform: ------------------------------------------- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" " http://www.w3.org/TR/html4/loose.dtd";> <html> <head> <title>HOoSloginpage for membersHOoS</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link href="stylesheets/holyorder.css" rel="stylesheet" type="text/css"> </head> <body bgcolor="#000000"> <table width="100%" border="0" cellspacing="0" cellpadding="0" class="maintext"> <tr> <td width="200" align="center"><img src="guildimages/tabard.jpg" alt="pic1"></td> <td align="center"> <!--Mainlogo--> <img src="guildimages/main_logo.jpg" alt="logo"></td> <td width="200" align="center"><img src="guildimages/tabard.jpg" alt="pic1"></td> </tr> <tr> <td colspan="3" align="center"> <table> <form action="Guildlogin1.php?guildaction=login" method="post"> <tr> <td align="center" valign="middle" class="maintext"> Login as:<input type=text name="guilduser_name"> </td> </tr> <tr> <td align="center" valign="middle" class="maintext"> Password:<input type="password" name="guilduser_pass"><br> </td> </tr> <tr> <td align="center" valign="middle" class="maintext"> <input name="log" type="image" src="guildimages/login_btn.jpg" value="Enter"></td> </tr> </form> </table> </td> </tr> </table> </body> </html> ----------------------------------------------- End ----------------------------------------------- I hope this was a better explanation than the last one...hehe... I guess I was busy pulling out my hair... -TW-
