Below is a login script that i made. Everything works fine when the script encounters errors in the form, but when I actually do type in the correct username and password, nothing shows up. Hope somebody can point out whats wrong. I intentionally deleted the db user and pass, so don't worry about that.



<?php

//Database connection
function db_connect(){
$dbHost = "localhost";
$dbUser = "";
$dbPass = "";
$dbName = "";

$conn = mysql_pconnect($dbHost, $dbUser, $dbPass);
if(!$conn)
{
echo"No connection";
return 0;
}

if(!mysql_select_db($dbName, $conn))
{
echo"No db";
return 0;
}
return 1;
}

//checks username and password in database
function login($username, $password){

$conn = db_connect();

if(!$conn){
echo"can't connect";
return 0;
}

$query = "SELECT * from users
WHERE username = '$username'
AND user_password = md5('$password')";

$result = mysql_query($query);

if(!$result){
echo"Can't run query, try again later";
return 0;
}

if(mysql_num_rows($result)>0)
return 1;

else
return 0;
}

//Checks if form has been filled
function filled_out($form_vars){
foreach($form_vars as $key => $value){
if(!isset($key) || ($value == ''))
return 0;
}

return 1;
}

function Login_User(){
global $_SESSION;
global $username, $password, $Submit;
if(isset($_POST['Submit']))
{
$username = $_POST['username'];
$passwd = $_POST['password'];
if(!filled_out($_POST))
{
echo"You did not fill out all the fields";
LoginForm();
exit;
}

if(login($username, $passwd))
{
$_SESSION['valid_user'] = $username;
exit;
}

else
{
echo"The username and password you supplied are incorrect";
LoginForm();
exit;
}

}

else
LoginForm();
}

//Displays the form
function LoginForm(){
global $PHP_SELF;
global $username, $password;
global $action;
?>
<form method="POST" action="<? echo $PHP_SELF ?>">
<table width="252" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td colspan="2"> <div align="left"><font face='Verdana' size='1'><b>Username:</b></font></div></td>
<td colspan="2"> <div align="left">
<input name="username" type="text" value="<?php echo $username?>">
</div></td>
</tr>
<tr>
<td colspan="2"><div align="left"><font face='Verdana' size='1'><b>Password:</b></span></font></div></td>
<td colspan="2"> <div align="left">
<input name="password" type="password" id="password">
</div></td>
</tr>
<tr>
<td colspan="4"></td>
</tr>
<tr>
<td colspan="4">&nbsp;</td>
</tr>
<tr>
<td colspan="4"><div align="center">
<input name="Submit" type="Submit" value="Login">
</div></td>
</tr>
</table>
</form>
<?
}

//Program starts here

session_start();


if(isset($_SESSION['valid_user']))
{
echo"<center>Access Granted</center>";
}

else
{
Login_User();
}

?>

$query = "SELECT * from users

WHERE username = '$username'

AND user_password = md5('$password')";

I don't think you can do that... I think you'd have to do something like this



$hashedPassword = md5($password);
$query = "SELECT * FROM users WHERE username = '$username' AND user_password = '$hashedPassword'";

yes you can. I actually wanted to use the login script in a function as you can see. If I use it without a function, it works fine. The reason I want to use it in a function is cuz I want to check if a person has logged in on every page, and if not, display the Login form and ask the user to login. Still dont have a clue as to why this happens.

Man, y the heck doesn't anybody help me out. The last time when I asked about SMS messaging, all I got was a message from the same person who replied first to this message. And the same thing has happened here. Help me out guyz! Would a lil pretty please do?

It would :)
(i hope it does help..)
You use $password all over the place, but you retrieve the post var as
$passwd = $_POST['password'];
....