-1
<?php
include('conexao.php');
if(empty($_POST['usuario']) || empty($_POST['senha'])) {
header('Location: index.html');
exit();
}
$usuario = mysqli_real_escape_string($conexao, $_POST['usuario']);
$senha = mysqli_real_escape_string($conexao, $_POST['senha']);
$query = 'select usuario_id, usuario from usuario where usuario = '{$usuario}' and senha = md5('{$senha}')';
$result = mysqli_query($conexao, $query);
$row = mysql_num_rows($result);
if($row == 1) {
$_SESSION['usuario'] = $usuario;
header('Location: home.html');
exit();
} else {
header('Location: index.html');
exit();
}
It returns the following error:
Parse error: syntax error, Unexpected '' and password = md5('' (T_CONSTANT_ENCAPSED_STRING) in C: xampp htdocs login.php on line 13
Please help me I have no idea what it might be ...
When using variables inside a string use double-quoted strings. Anyway, on the line your error replaces the first and last ' with ".
– user142154
But to make a query to the database, even more in an area as sensitive as login, please use at least mysqly:().
– user142154
Nor should md5 be used to "encrypt" passwords
– tvdias