MySQL ERROR! " . mysql_error() . ", While Executing Query: $theQuery");
//$theLastID = mysql_insert_id();
//$theEndTime = microtime();
//$theTimeQueryTook = $theEndTime - $theStartTime;
//TODO: Add query logging/display functions.
mysql_close($databaseConnection);
return $theResult;
}
if (isset($_POST['theUsername']) && isset($_POST['thePassword'])) {
$theUsername = $_POST['theUsername'];
$thePassword = $_POST['thePassword'];
$theResult = mySQLQuery("SELECT * FROM users WHERE username = '$theUsername' AND password = PASSWORD('$thePassword');");
if (mysql_num_rows($theResult) == 1) {
$theID = mysql_result($theResult, 0, "id");
$_SESSION['userLoggedIn'] = true; // the username and password match, so set the session
$_SESSION['theUsername'] = $theUsername;
$_SESSION['theUserID'] = $theID;
//Move the user along to the correct page.
if($theNextPage == "") {
header("Location: index.php");
} else {
header("Location: $theNextPage");
}
//TODO: Log the Succesful login to the database (with timestamp and username/password)
exit;
} else {
//TODO: Log the error to the database (with timestamp, username and the password that was tried, useful for detecting attempted break-ins).
$errorMessage = 'Sorry, That Username / Password Combination Is Not Valid.';
}
}
?>
TheCodeCast Super Secret Backroom: Login!