I am making a home page that allows the user to sign in to a members only page. I want to set it up to where if they click submit without typing anything it will tell them they must fill in all fields, and if they use an incorrect username or password it will tell them that as well. I am having some trouble figuring out the syntax to make this happen though. I have it to where it will tell them if they leave username and password blank that they must fill in both fields, but it will not tell them when they have entered something incorrect. It will just cycle back to the page and clear what they typed but throws the same error as if they would have not typed anything at all. I have posted my code below with out the error for typing an incorrect username and password because this is the part I am having trouble with. I have tried several different ways and in several different locations in the code. If someone could tell me the proper way to write just this part and the location to put it I would appreciate it greatly. I have been trying several variations of code such as
else{
$strMsg="Your username and password do not match our records.";
}
and using if else statements in different locations of the code but I seem to be so close yet so far.
<?php
include("config.php");
if ($_POST['username']=="" || $_POST['password']==""){
$strMsg="You must enter your user name and password ";
}
if($_POST['submit']!=""){
$db=dbConnect();
$SQL="SELECT userID FROM tblusers WHERE username='".$_POST['uName']."'";
$rs=mysql_query($SQL);
if(mysql_num_rows($rs)>0 && $rs){
$SQL="SELECT userID FROM tblusers WHERE PASSWORD=PASSWORD
('".$_POST['pWord']."') AND userID=".
mysql_result($rs,0,"userID");
//echo $SQL;
$rs=mysql_query($SQL);
if(mysql_num_rows($rs)>0 && $rs){
header("Location:memberContent.php");
}
}
}
?>
<!-- I am a comment -->
<html>
<head>
<title>Sign in!</title>
</head>
<body>
<p><a href="member_register.php">Sign Up!</a></p>
<h1>Please enter your username and password!</h1>
<?php echo $strMsg;?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
Username: <input type="text" name="uName" />
<br />
Password: <input type="password" name="pWord" />
<br />
<input type="submit" name="submit" value="sign in" />
</form>
</body>
</html>