Hi codefreek. What, if any, error message are you receiving?
One thing I notice right away is that your form's HTML is within the <?php ?> tag.
This will fix that:
PHP Code:
<?php
include 'config.php';
if(@$_POST['submit']=="log")
$ert = mysql_query("SELECT * FROM `cms` WHERE `rank` = '0'");
while ($row = mysql_fetch_array($ert, MYSQL_NUM)) {
if($username == $row['username'] && $md5password == $row['password']){
$_SESSION['loggedIn'] = true;
// check the rank
if ($_session['loggedIn'] == true)
[inline]mising some sort of statement here[/inline];
elseif ($_SESSION['loggedIn'] == null)
print "Access Denied";
if ($ert == "0")
print "Access Denied";
elseif ($ert == "1")
print "you have access to admin";
?>
<h2>Please log in:</h2>
<form method="post" action="<?php echo $PHP_SELF;?>">
Username: <input name="usernamn" type="text" value="" /><br />
Password: <input name="password" type="password" value="" />
<input name="submit" type="submit" value="log" />
I fixed a couple of other syntactical errors. These mainly were ones like forgetting parenthesis around your
if and
elseif statements. You also are missing a statement on your first
if statement.
One thing to remember and this is important, when doing comparisons in PHP, you need to make sure and use either the '==' or the '===' operators as just using a '=' will just set the variable. This will in turn always result in a true stement.
example:
PHP Code:
<?php
if ($somevar = "1")
{
This section will always execute
because $somevar is just being set to "1"
}
?>
The proper way:
PHP Code:
<?php
if ($somevar == "1")
{
This section executing will depend
on $somevar being equal to "1"
}
?>
Take a look at the php.net site and read up on
if.
Also, you are a little paranoid about being flamed. Has someone here done that?