Hi,
I'm trying to create a tiny admin section for my site. What I do is have the user login using a form, and on the next page:
My first question is: After I get $loginresult, if I just check for the number of rows returned in $loginresult, and the answer is 1, then the user is validated... else he is not. Is this the proper method?PHP Code:username = $_POST["username"];
password = $_POST["password"];
$dbh=mysql_connect("localhost", "mendhakuser", "mendhakpassword") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db("mendhakdatabase");
$loginquery = "SELECT * FROM adminsection WHERE username = '$username' AND password = '$password'";
$loginresult = mysql_query($loginquery);
My second question is: How do I create a session variable and check it on every page, and how do I end it?
Thanks.




Reply With Quote