Log In function

Newbie Member
3Jul2011,17:26   #1
NycNessyness's Avatar
Hello everyone! I'm using psql and php to create an auction like site. I've never done a portion where I had to verify someone's name and needed assistance with how to have this successfully execute. Below is what I have below but it mentions that it is not a valid resource, when I enter in the username. I'm probably doing this incorrectly but I've been at this all night and still can't get it to successfully execute. The table that I have is a User table with four variables. User Id as int, Username as Varchar, Userpass as Varchar and Name of the user as Varchar. All I'm trying to validate for is the Userpass and Username and I'm not sure on what I could be doing wrong as I've tried numerous scenarios posted by others. Thanks in advance!

HTML Code:
<?php

//when submit button is selected it validates data
 if ($_POST['submit']) 
 {
     $dbh = pg_connect("host=999.9.9 dbname=dbname user=user password=password");
     
     if (!$dbh) 
     {
         die("Error in connection: " . pg_last_error());
     }
    
     // escape strings in input data

     $myuserName = pg_escape_string($_POST['myuserName']);
     $myuserPass = pg_escape_string($_POST['myuserPass']);
     
     
    
     // execute query
     $sql = "SELECT * FROM User WHERE Username = '$myuserName' and password ='$myuserPass'";
     
  
        //verifies if an error will occur during selection
        
      $result = pg_query($dbh, $sql);
       if (!$result) 
       {
             die("Error in SQL query: " . pg_last_error());
       }       
     
     $count=mysql_num_rows($result);
     
     if($count==1)
     {
         session_register("myuserName");
         session_register("myuserPass");
         header("location:login_success.php");
         }
         else {echo "Wrong Username or Password";}
         }
     
?>
Go4Expert Member
3Sep2011,15:08   #2
Webdeveloper's Avatar
Hi,

The code & the logic looks fine, what is the error you get.

On login_success.php or any other script that shows data which is only for logged in members the very first thing that you will have to check is existence of the session variables. If these exist then proceed else redirect the user to the login form.

Hope this helps.

Cheer,

~Maneet