Terion Miller wrote:
> Well I changed it because it's not a post since its not coming from a form
> is this closer?
>
> if (!empty($UserName)) {
>
Why are you doing this? Only to see if > 0 rows are returned? You can
use the results you know.
> $sql = "SELECT `AdminID`,`UserName` FROM `admin` WHERE
> `UserName`='$UserName' and `Password`='$Password'";
> $result = mysql_query ($sql);
> $row = mysql_fetch_object ($result);
Do you maybe mean $row['AdminID']? Well you're using objects now so
$row->AdminID?
> $AdminId = $_SESSION['AdminID'];
>
What in the hell are you doing here? If it's set then set it again to
equal itself?
> if(isset($_SESSION['AdminID']))
> $_SESSION['AdminID'] = $_SESSION['AdminID'];
> else
> $_SESSION['AdminID'] = $AdminID;
>
> If (mysql_num_rows($result) > 0) {
> $_SESSION['AdminLogin'] = true;
> $_SESSION['user']=$UserName;
> $_SESSION['AdminID']=$AdminID;
>
> header ('Location: Main.php');
> exit;
> } else {
You either need to get a good PHP book or pay much closer attention to
what you're doing. Many more problems, but those seem to cause your
issue. This is not complete but seems to be the structure you need:
session_start();
include("inc/dbconn_open.php");
if (!empty($_POST['UserName']) && !empty($_POST['Password'])) {
$UserName = $_POST['UserName'];
$Password = $_POST['Password'];
$sql = "SELECT `AdminID`,`UserName` FROM `admin` WHERE
`UserName`='$UserName' and `Password`='$Password'";
$result = mysql_query ($sql);
$row = mysql_fetch_object ($result);
If (mysql_num_rows($result) > 0) {
$_SESSION['AdminLogin'] = true;
$_SESSION['user'] = $UserName;
$_SESSION['AdminID'] = $row->AdminID;
header ('Location: Main.php');
exit;
} else {
--
Thanks!
-Shawn
http://www.spidean.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
