Well. I have figured out that the login is working as it should.
The query brings back both the username and the userpass and stores them in
$_SESSION as: auth|yes|logname|Test
When I echoed the query with both user and pass, I got both back as they
should be. In this case I ran user:Test Pass:Testing
Both came back. JOY!! :)
What I did:
if (@$_GET['guildaction'] == "login");
{
$guilduser = $_POST['guilduser_name'];
$guildpass = $_POST['guilduser_pass'];
$sql = "SELECT guilduser_name FROM guildlogin
WHERE guilduser_name='$_POST[guilduser_name]'";
$result = mysql_query($sql) or die("Couldn't execute query.");
$num = mysql_num_rows($result);
if ($num == 1) //loginname found
{
$sql1 = "SELECT guilduser_name FROM guildlogin
WHERE guilduser_name='$guilduser'
AND guilduser_pass=password('$guildpass')";
$result2 = mysql_query($sql1) or die("Couldn't execute query 2.");
$num2 = mysql_num_rows($result2);
if ($num2 > 0) //password is correct
Thanks Michael! I must have written something wrong the first time I tried
it. It seems though that it was all I needed to do.
And offcourse all the others! Thanks alot! Don't think it will be the last
time I ask about this session thing though.
-TW-
