I have the following PHP code:
<?php
include('core/conf.php');
$user=$_POST['user'];
$password=$_POST['password'];
$user = stripslashes($user);
$password = stripslashes($password);
$user = mysql_real_escape_string($user);
$password = mysql_real_escape_string($password);
$enc=md5($password);
$usr=md5($user);
$sql="SELECT * FROM $tbl_name WHERE username='$usr' and password='$enc'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if(isset($_POST['user'])){
if($count==1){
session_register("user");
session_register("password");
header("location:index.php");
}else{
$false_enc = '<b><font color="#CC0000">Incorrect details</font></b>';
$enc_type = 'text-input-wrong';
}
}else{
$false_enc = 'Need help? Contact the <a href="http://website.com/contact">Admin</a>';
$enc_type = 'text-input';
}
?>
The form being:
<form action="login.php" method="post" id="login">
<div class="field">
<label for="email">Email</label>
<input type="text" name="user" id="user" class="<?php echo $enc_type; ?>" placeholder="you@email.net" />
</div>
<div class="field">
<label for="password">Password</label>
<input type="password" name="password" id="password" class="<?php echo $enc_type; ?>" placeholder="'ooh, secret'" />
</div>
<div class="action clearfix">
<input type="submit" value="Submit" />
<div class="enc">
<?php echo $false_enc; ?>
</div>
</div>
</form>
I (as stated in the title) want to echo the user's email (username) on a different page, which has this this validation script:
session_start();
if(!session_is_registered(user)){
header("location:login.php");
}
And yes, the email is encrypted with MD_5, but I am likely to change all of that to suit this.Please help me, I tried to find this on Google but none of that actually worked for me :/
(oh, and first topic by me
yay!)
explains why the login wouldn't work on my main host.