Hi, I'm trying to create a Login & Register form which will create a profile for that user but I'm getting a lot of problems and I can't seem to figure out why it's not working correctly? I've created a post on the forums before about this problem but the problem was never resolved, I am new to PHP hence my noobieness. Basicly the problem at the moment is when I try to login it gives me a 'Wrong details error' which is expressed like so:
elseif(!mysql_num_rows($r))
{
$errorMsg = "* Sorry, couldn't log you in. Wrong login information.";
}
As far as the register form goes, it works fine to my knowledge as it's adding users to the database when they register and it's encrypting their passwords by using the crypt(); function. I'll link the Login form, the register form and the dbConfig below but I'll replace any sensitive details with '-HIDDEN-' for safety. I would really appreshiate if someone could help me out on this one cause I've been stuck with this problem for quite a while now and I can't figure it out, thanks a lot 
Register.php
<?php
include ("dbConfig.php");
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$usernameSQL = mysql_real_escape_string($_POST['username']);
$emailSQL = mysql_real_escape_string($_POST['email']);
$passwordSQL = mysql_real_escape_string($_POST['password']);
$passwordSQL = crypt('$password');
$q = "INSERT INTO -HIDDEN-(username, email, password)VALUES('$usernameSQL', '$emailSQL', '$passwordSQL')";
$r = mysql_query($q);
header("Location: register.php?op=thanks");
}
?>
<form action="?op=reg" method="POST">
Username:<br><font color="red">*</font><input class="GeneralForm" type="text" name="username" id="username" maxlength="20"><br>
<br>
Email:<br><font color="red">*</font><input class="GeneralForm" type="text" name="email" id="email" maxlength="50"><br>
<br>
Password:<br><font color="red">*</font><input class="GeneralForm" type="password" name="password" id="password" maxlength="50"><br>
<br>
<input type="checkbox" name="tick"><font color="gray" size="3"> I agree to the Terms of Use<br>
<br>
<button type="submit" name="submit" class="InputButton" value="Submit">Submit</button>
</form>
<br><font size="2" color="gray">* You can edit details on your profile when you login!</font>
Login.php
<?php
session_start();
include "dbConfig.php";
$errorMsg = "";
if ($_GET["op"] == "fail")
{
$errorMsg = "* You need to be logged in to access the members area!";
}
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$username = trim($_POST["username"]);
$password = trim($_POST["password"]);
if (empty($username) || empty($password))
{
$errorMsg = "* You need to provide a username & password.";
}
else
{
$usernameSQL = mysql_real_escape_string($username);
$passwordSQL = crypt('$password');
$q = "SELECT id FROM -HIDDEN- WHERE username='{$usernameSQL}' AND password='{$passwordSQL}' LIMIT 1";
$r = mysql_query($q) or die("Error: " . mysql_error() . "<br>Query: " . $q);
if(!$r)
{
//Error running query
$errorMsg = "* Wrong username or password.";
}
elseif(!mysql_num_rows($r))
{
//User not found
$errorMsg = "* Sorry, couldn't log you in. Wrong login information.";
}
else
{
// Login good, create session variables and redirect
$_SESSION["valid_id"] = $obj->id;
$_SESSION["valid_user"] = $username;
$_SESSION["valid_time"] = time();
// Redirect to member page
header("Location: members.php");
}
}
}
?>
<form action="?op=login" method="POST">
Username:<br>
<input class="GeneralForm" type="text" name="username" id="username" maxlength="20" value="<?php echo htmlentities($usernameSQL); ?>">
<br><br>
Password:<br>
<input class="GeneralForm" type="password" name="password" id="password" maxlength="50">
<br><br>
<button type="submit" name="Submit" class="InputButton" value="Login">Login</button>
<h1 class="FailLoginState"><?php echo $errorMsg; ?></h1>
</form>
dbConfig.php
<?
$host = "-HIDDEN-";
$user = "-HIDDEN-";
$pass = "-HIDDEN-";
$db = "-HIDDEN-";
$ms = mysql_pconnect($host, $user, $pass);
if ( !$ms )
{
echo "Error connecting to database.\n";
}
mysql_select_db($db);
?>