PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
<?php
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 1);
if (!$con = mysql_connect("localhost","root",""))
{
die('Could not connect: ' . mysql_error());
}
if (!mysql_select_db("userdetails", $con))
{
die('Could not select the database: ' . mysql_error());
}
// Check to see if this var is set
if (isset($_POST['login']))
{
$login = mysql_real_escape_string($_POST['login']);
$password = mysql_real_escape_string($_POST['loginpw']);
$sql = "SELECT * FROM `users` WHERE `username` = '$login' AND `userpass` = '$password'";
if (!$result = mysql_query($sql))
{
die('Could not execute the query: ' . mysql_error());
}
while($row = mysql_fetch_array($result))
{
echo $row['username'] . ' ' . $row['password'] . '<br />';
}
}
else
{
echo 'The post var login was not set';
}
?>
thats the code, where would I put stuff so if it doesnt find ur details in the Data base, it wont show the err, Buttons for the home page (for logged in only)
Probably each username is unique in your table. Therefore the query SELECT * FROM `users` WHERE `username` = '$login' ... can return one or zero records. You don't need a while loop to fetch that. mysql_fetch_array return false if there is no record left to fetch. In your case: If there is no record matching the WHERE clause it will return false on the first call -> invalid credentials.
<?php
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 1);
$userdata = false;
$con = mysql_connect("localhost","root","") or die('Could not connect: ' . mysql_error());
mysql_select_db("userdetails", $con) or die('Could not select the database: ' . mysql_error());
if (isset($_POST['login'])) {
$login = mysql_real_escape_string($_POST['login'], $con);
$password = mysql_real_escape_string($_POST['loginpw'], $con);
$sql = "SELECT * FROM `users` WHERE `username` = '$login' AND `userpass` = '$password'";
// it's not always a good idea to reveal the mysql_error to users
$result = mysql_query($sql) or die('Could not execute the query: ' . mysql_error());
$userdata = mysql_fetch_array($result);
}
else
{
echo 'The post var login was not set';
}
// ...
if ( false!== $userdata) {
// show page fore registered users
}
else {
// show page fore un-registered users
}
?>