Damien White
New Member
I have this php code from my login.php\[code\]if (isset($_POST['logIn'])) { $errmsg = ""; $logname = mysqli_real_escape_string($dbc, trim($_POST['usernameIn'])); $logpassword = mysqli_real_escape_string($dbc, trim($_POST['passwordIn'])); $query = "SELECT user_id, username FROM members WHERE username = '$logname' AND password = SHA('$logpassword')"; $data = http://stackoverflow.com/questions/2520667/mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 1) { $row = mysqli_fetch_array($data); setcookie('user_id', $row['user_id'], time() + (60 * 60 * 24 * 30)); //expires after 30 days setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30)); $home = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php'; header('Location: ' . $home); } else { $errmsg = '<p class="errormsg">Username or password is incorrect.</p>'; }}\[/code\]And for some reason, it always ends up setting $errmsg in the else statement. I am sure that I'm entering information (username,password) that is correct and exists in the database.I insert my values (from a signup script) using this query:\[code\]$query = "INSERT INTO members (username, password, email) VALUES ('$username', SHA('$password'), '$email')";\[/code\]Anyone see the problem with this script? Thanks!