connect problem?help

I followed phpacademy's guide for login/register and ended with

Code:

<?php

$_username=$_post['username'];
$_password=$_psot['password'];

if ($username&&$password)

{

$connect=mysql_connect("host","nmae","possiblepassword")or die ("could not connect");
mysql_select_db("users") or die("deaad");


}

else
  die("please enter a username AND password $username");
?>


(login.php)
and

Code:

<html>

      <form action='login.php' method='post'>

      username:<input type='text' name='username'><br>
      password<input type='password' name='password'><br>
      <input type='submit' value='log in'>
</form>


</html>

(index.php) but whenever i try putting in my insterted test,test.it keeps using the else function ad saying the phrase.can someone help.

Okay first off, you NEED to get rid of mysql password and username from your above post. THAT IS SERIOUS SECURITY ISSUES. People could access your database and steal all the data and sell it. Not good.

Secondly, if you use curly braces in the IF then they should be used for ELSE too.

Plus you have a spelling mistake $_psot['password']

And lastly, you should change the IF to this:
if(!empty($username) && !empty($password))

And again lastly, you should be mysql escaping all user input to prevent mysql injection.
Google it, its one of the most important things to know about when dealing with databases.

Oh and I just spotted another thing wrong with it.
Your IF will always false, because you've named the variables $_username and $_password not $username and $password...

All in all, it seems the video you watched sucked.


I'm gonna say this now actually after realising when your post was posted. You should change mysql user and password and delete the old one, unless your data will never be safe.

Code:

<?php

$username=$_post['username'];
$password=$_post['password'];

 if(!empty($username) && !empty($password))

{

$connect=mysql_connect("1","33","3")or die ("could not connect");
mysql_select_db("users") or die("deaad");


} else
  die("please enter a username AND password $username");
?>


it still keeps saying the die phrase.i changed what you said.

Code:


<?php

$username=$_POST['username'];
$password=$_POST['password'];

 if(!empty($username) && !empty($password))

{

  echo 'both password and username were entered';


}
else {
  die("please enter a username AND password $username");
}
?>


I'll also iterate again, that you make sure to look into database security and preventing SQL Injection.

that gives me an error at the "else {" line.

What? .. It shouldn't. What PHP version is installed on your server?

Try this:

Code:


    <?php

    $username=$_POST['username'];
    $password=$_POST['password'];

    if(!empty($username) && !empty($password))
    {
       echo 'both password and username were entered';
   }
    else {
      echo "please enter a username AND password $username";
     exit;
    }
    ?>


Were do i place the mysql connect

You could place it anywhere. I could recommend that you place the mysql connect information inside another .php file in a folder and make sure you have a .htaccess file in there which has the text "Deny From All". That will stop people being able to access the information in that folder i.e. the secure data to connect to the database. All you would have to do then is include the php file in the index.php or whichever file has the login screen.

Yeah having the connection in another file is the best way.
But if you want to place it in your current script, it has to go anywhere before your first MySQL query.

Now im getting mad....the host(000webhost)keeps not connecting to the database.i have everything right in the code but it is not attempting to connect.