<?php

// Inialize session

session_start();
// Include database connection settings
$hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname = 'zclass'; // Your database name.
$username = 'root'; // Your database username.
$password = ''; // Your database password. If your database has no password, leave it empty.

// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
// Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');


// Retrieve username and password from database according to user's input
$userName=mysql_real_escape_string($_POST['name1']);
$userSchool=mysql_real_escape_string($_POST['school1']);
$userClass=mysql_real_escape_string($_POST['class1']);


//*********retrieving data from Database**********

$query = "SELECT * FROM member WHERE $userName='name1', $userSchool='school1' and $userClass='class1'";
//$login = mysqli_query("SELECT userName,password FROM 'member' WHERE userName= $_post['username'] AND passWord= $_post['password'])";
// Check username and password match
$res = mysql_query($query);

$rows = mysql_num_rows($res);
if ($rows==1) {
// Set username session variable

$_SESSION['userName'] = $_POST['name1'];

// Jump to secured page
header("Location: post.php";
}
else {
// Jump to login page
echo "user name and password not found";
}
exit;
?>

xlim, you didn't state the problem

luckily for you I have "php eyes"

you didn't even put the form

the bolded part below indicates your problem... you might be getting a database error... or undefined variable error...

//*********retrieving data from Database**********

$query = "SELECT * FROM member WHERE $userName='name1', $userSchool='school1' and $userClass='class1'";
//$login = mysqli_query("SELECT userName,password FROM 'member' WHERE userName= $_post['username'] AND passWord= $_post['password'])"wink;

zeroshadow:
xlim, you didn't state the problem

luckily for you I have "php eyes"

you didn't even put the form

the bolded part below indicates your problem... you might be getting a database error... or undefined variable error...

it's actually saying username and password not found

xlim:


it's actually saying username and password not found

that's because you're calling the variables wrongly

// Retrieve username and password from database according to user's input
$userName=mysql_real_escape_string($_POST['name1']);
$userSchool=mysql_real_escape_string($_POST['school1']);
$userClass=mysql_real_escape_string($_POST['class1']);


//*********retrieving data from Database**********

$query = "SELECT * FROM member WHERE $userName='name1', $userSchool='school1' and $userClass='class1'";
//$login = mysqli_query("SELECT userName,password FROM 'member' WHERE userName= $_post['username'] AND passWord= $_post['password'])"wink;

is meant to be

// Retrieve username and password from database according to user's input
$userName=mysql_real_escape_string($_POST['name1']);
$userSchool=mysql_real_escape_string($_POST['school1']);
$userClass=mysql_real_escape_string($_POST['class1']);


//*********retrieving data from Database**********

$query = "SELECT * FROM member WHERE userName=$userName, userSchool=$userSchool and userClass='$userClass";
//$login = mysqli_query("SELECT userName,password FROM 'member' WHERE userName= $userName AND passWord= $userPass"wink;

there could be mistakes in my correction but you are not calling the your variables... you're mixing mysql and mysqli(very bad practice)... my battery is dying..

zeroshadow:


that's because you're calling the variables wrongly




is meant to be



there could be mistakes in my correction but you are not calling the your variables... you're mixing mysql and mysqli(very bad practice)... my battery is dying..

thanks so much. will work on that now

xlim:


thanks so much. will work on that now

If it doesn't work try putting it in an "if
Statement" to check if something was typed

if(isset($_POST['name1'])&&isset($_POST['school1'])&&isset($_POST['class1'])){
// Retrieve username and password from database according to user's input
$userName=mysql_real_escape_string($_POST['name1']);
$userSchool=mysql_real_escape_string($_POST['school1']);
$userClass=mysql_real_escape_string($_POST['class1']);


//*********retrieving data from Database**********

$query = "SELECT * FROM member WHERE $userName='name1', $userSchool='school1' and $userClass='class1'";
//$login = mysqli_query("SELECT userName,password FROM 'member' WHERE userName= $_post['username'] AND passWord= $_post['password'])";
// Check username and password match
$res = mysql_query($query);

$rows = mysql_num_rows($res);
if ($rows==1) {
// Set username session variable

$_SESSION['userName'] = $_POST['name1'];

// Jump to secured page
header("Location: post.php";
}
else {
// Jump to login page
echo "user name and password not found";
}

}
exit;

trollin. . .

Heheheheheh using mysql_real_escape in $_post, oh lawd!

xlim:
<?php

// Inialize session

session_start();
// Include database connection settings
$hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname = 'zclass'; // Your database name.
$username = 'root'; // Your database username.
$password = ''; // Your database password. If your database has no password, leave it empty.

// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
// Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');


// Retrieve username and password from database according to user's input
$userName=mysql_real_escape_string($_POST['name1']);
$userSchool=mysql_real_escape_string($_POST['school1']);
$userClass=mysql_real_escape_string($_POST['class1']);


//*********retrieving data from Database**********

$query = "SELECT * FROM member WHERE $userName='name1', $userSchool='school1' and $userClass='class1'";
//$login = mysqli_query("SELECT userName,password FROM 'member' WHERE userName= $_post['username'] AND passWord= $_post['password'])";
// Check username and password match
$res = mysql_query($query);

$rows = mysql_num_rows($res);
if ($rows==1) {
// Set username session variable

$_SESSION['userName'] = $_POST['name1'];

// Jump to secured page
header("Location: post.php";
}
else {
// Jump to login page
echo "user name and password not found";
}
exit;
?>

Okay! It's okay to make such mistake when just starting PHP. Well, you made 2 mistakes in the above program.

1. WHERE $userName='name1', $userSchool='school1' and $userClass='class1
Don't use variable in place of column name, spell out the column as it is, like WHERE Grade='$grade' AND Level='$level'...
2. You're not making any login authentication cause in your code, you've already commented the vairable $login //$login=mysqli_query...
instead of authenticating with the username and password, you're trying to authenticate with UserClass, UserSchool, etc query, i.e $res = mysqli_query($query).

Solution should clearly be:

1. Uncomment $login, and perform a query on it in place of $res, like $login_query = "SELECT * FROM member WHERE username='$Username' AND password='$password'";
2. Then make $res = mysqli_query($login_query); You can the process it and it'll authenticate. *Remember to always encrypt your passwords.