Quote Originally Posted by TheBigB View Post
I'm not sure what behavior 'die()' has after setting a header, but I'd prefer to use 'exit()'.
die() and exit() are equivalent. it doesn't matter which is used.

Quote Originally Posted by TheBigB View Post
If you are unsure what the username and password are use "root" and "" as I mentioned in the other post.
it's bad practice to install MySQL with a blank root password; to suggest that it's "normal" for this to happen is a little silly.

Quote Originally Posted by TheBigB View Post
The '=' operator in SQL is solely for numerical comparison. When comparing with strings you want to use the 'LIKE' operator.
this is completely wrong. the equal-to operator ("=") checks if something is equal to something else (case sensitive). the like operator ("LIKE") checks if something is similar to something else based on an expression (case insensitive, and allows for wildcards). it's wrong to suggest that the equals operator should only be used for numerals.


Quote Originally Posted by TheBigB View Post
Also you can't encapsulate an associative array value. So you cant call $_SESSION[user_name] inside a string. Instead you can assign them to individual variables which you already did.
So basically we can do the following:
Code:
"SELECT count(user_id) from users WHERE
pass LIKE '$dbpass' AND user_name LIKE '$dbuser'"
this is also wrong. his string works perfectly fine as is; there is no reason to change it at all other than preference.

------

Blue1974:

your username and password for the database are not going to be set in your sessions. the sessions hold the username and password for the current user. $dbuser and $dbpass should be set to something other than your session variables. when you installed MySQL, you should have been able to set up an administrator account and password -- this is the username and password you would use to connect to your local MySQL server.

does the config_mylogin.php file not include your database's connection information? if not, what is in that file? generally, you should have a file that connects to the database that you simply include so that you don't need to have the connection information in every single file. even if this isn't the case, I'd still be interested in seeing what that file holds.

if your connection to the database is the issue (and config_mylogin.php contains that stuff), then this is the code you should be modifying for now. don't bother duplicating that code and putting it into this other file.