hello guys my login script woun't login.. Though all the Forms as been Validated with Javascript by the designer.. i'm to use PHP/MySQL to create the backend but my script woun't login don't know keep get.. this error !
Parse error: parse error, unexpected ';' in /home/sibfonl/public_html/login.php on line 14

here is my login script.

PHP Code:

<?php
session_start();
include ("dbconn.php");

if(!$submit){

$username = $_POST["username"];
$password = $_POST["password"];

$sql = mysql_query("SELECT * FROM users WHERE 'username' = 

'$username' AND 'password' = '$password'") or die(mysql_error());

while($row = mysql_fetch_array($sql);
header("location: members.php");
} else {
echo "Sorry you can't be login either your username or password is 

incorrect
include "newaccount-2.htm";
exit();
?>

Please can some help me figure that out.
Thanks in Advanced
Thanks in Advance

Your while loop isn't right. You shouldnt have a semi-colon at the end it should have a '{' and then a closing one at the end.

PHP Code:

while($row = mysql_fetch_array($sql) {
header("location: members.php"); 

...

} 


Stoot

Also, how are you gonna check to see if they are logged in? Anyone could access the members page from that code, and also, the security for passwords... Is it just the password stored there or is it md5 hashed?

Yeah it's an md5

And the sessions?

PHP Code:

if($submit){

$username = $_POST["username"];
$password = $_POST["password"];
$pass1 = md5($password);
$sql = mysql_query("SELECT * FROM users WHERE 'username' =

'$username' AND 'password' = '$pass1'") or die(mysql_error()); 


Sessions I have done this:

PHP Code:

session_start();
$_SESSION['loggedinuser'] = $username;
setcookie("id", "$id", time()+36000); 


Hello guys, i must thank you all for helping me out.. but i'm still having problem don't know wat is wrong can take a look at this now ?? idon't know wat is wrong

i got this error !
Parse error: parse error, unexpected T_STRING in /home/sibfonl/public_html/login.php on line 3

PHP Code:

<? php

session_start(); 
$_SESSION['loggedinuser'] = $username; 
setcookie("id", "$id", time()+36000); 

if($submit){ 

$username = $_POST["username"]; 
$password = $_POST["password"]; 
$pass1 = md5($password); 
$sql = mysql_query("SELECT * FROM users WHERE 'username' = 

'$username' AND 'password' = '$password'") or die(mysql_error()); 

while($row = mysql_fetch_array($sql)){ 
header("location: members.php"); 
} else { 
echo "Sorry you can't be login either your username or password is 

incorrect 
include "newaccount-2.htm"; 
exit(); 
?>

Heres my script:

PHP Code:

<? 
include("functions.php");
db_connect();

$pass = $_POST['pass'];
$username = $_POST['user'];
$averify = $_POST['admin'];
$md5pw = md5($pass);

$query="SELECT * FROM users WHERE username='$username' AND md5pw='$md5pw'";
$result=mysql_query($query) or die("Unable to carry out task because ".mysql_error());

$row = mysql_fetch_array($result);

$id = $row['id'];


if(mysql_num_rows($result)==0) {
echo ("The database contains no record of your user or your password is incorrect."); 
} else {


session_start();
$_SESSION['loggedinuser'] = $username;
setcookie("id", "$id", time()+36000);

mysql_close();    


?>

<html>
<META HTTP-EQUIV="Refresh" CONTENT="0;URL=./?p=">
</html>

<?

echo("Logging you in as: $user");
}
?>

Ths is linked by login.php. login.php has a form linking to that, username and password, once these have been entered check_login checks it and if it is correct it sets a session and if not .. well, it doesnt log you in!

Thanks I'm gonna try ur code out... and gv u feed back

If your installation of PHP has register_globals turned off (default for php 5 and recommended of other PHP versions) then I doubt you're going to get anything from checking the submit var like this:

PHP Code:

if($submit){ 
do this
} else {
do this instead
} 


You need to be calling the submit var like this:

PHP Code:

if ( isset($_POST['submit']) ){ 
do this
} else {
do this instead
} 


Hope that helps some!