Php authorization

Question

<?php if(isset($_POST['nick']) && isset($_POST['pass'])) { $nick = $_POST['nick']; $password = $_POST['pass']; $nick = stripslashes($nick); $nick = htmlspecialchars($nick); $password = stripslashes($password); $password = htmlspecialchars($password); $nick = trim($nick); $password = trim($password); $password = md5($password); if($nick == ""){ echo "<div class='err'>Введите ник</div>"; }elseif($password == ""){ echo "<div class='err'>Введите пароль</div>"; }else{ $result = mysql_query("SELECT * FROM user WHERE nick='$nick' AND password='$password'",$db); if (empty($myrow['password'])) { echo "<div class='err'>Введённый вами ник или пароль неверный</div>"; } else { if ($myrow['password'] == $password) { $_SESSION['nick'] = $myrow['nick']; echo "Вы успешно вошли на сайт! <a href='index.php'>Главная страница</a>"; exit(); } else { echo "<div class='err'>Введённый вами ник или пароль неверный</div>"; } } } } ?> <div id="auth"> <form action="<?=$_SERVER['PHP_SELF'];?>" method="post"> <b>Ник:</b> <br><input class="text_input" type="text" name="nick"><br> <b>Пароль:</b> <br><input class="text_input" type="password" name="pass"><br> <input class="auth_submit" type="submit" name="submit" value="Играть"> </form> </div> <p class="reg"><a href="reg.php" title="Регистрация">» Регистрация</a></p> <div class="footer">&copy; <?=date("Y");?></div> <p></body> </html></p>

What is wrong here ???

Yes, it is clear that the query goes to the database, but it does not parse it because
there is no this line in the code, but then he uses it in every possible way, and that’s the mistake - the unfinished code!
Yes, I didn’t read this chaos))) and the author’s opinion is that he doesn’t work :)

M03G M03G 109 one ten · Accepted Answer · 2013-03-28T13:08:24

It seems to me that you are missing the string $ myrow = mysql_fetch_array ($ result);

  <?php if(isset($_POST['nick']) && isset($_POST['pass'])) { $nick = $_POST['nick']; $password = $_POST['pass']; $nick = stripslashes($nick); $nick = htmlspecialchars($nick); $password = stripslashes($password); $password = htmlspecialchars($password); $nick = trim($nick); $password = trim($password); $password = md5($password); if($nick == ""){ echo "<div class='err'>Введите ник</div>"; }elseif($password == ""){ echo "<div class='err'>Введите пароль</div>"; }else{ $result = mysql_query("SELECT * FROM user WHERE nick='$nick' AND password='$password'",$db); $myrow = mysql_fetch_array($result); if (empty($myrow['password'])) { echo "<div class='err'>Введённый вами ник или пароль неверный</div>"; } else { if ($myrow['password'] == $password) { $_SESSION['nick'] = $myrow['nick']; echo "Вы успешно вошли на сайт! <a href='index.php'>Главная страница</a>"; exit(); } else { echo "<div class='err'>Введённый вами ник или пароль неверный</div>"; } } } } ?>

Php authorization

1 answer 1

More articles: