query

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
chris_s_22
Forum Commoner
Posts: 76
Joined: Wed Dec 31, 2008 2:05 pm

query

Post by chris_s_22 »

this is part of my login i want to add a query that checks the registered feild if 1 allow to login anything else to be refused
im guessing it gonna be somthing like this

Code: Select all

 
     $query = "select registered from user where username='$username' limit 1";
     $result = mysql_query($query);
 

this is my login function how/where do i add the query above obviously i need the proper finished query

Code: Select all

 
function user_login($username, $password)
{
     // Try and get the salt from the database using the username
     $query = "select salt from user where username='$username' limit 1";
     $result = mysql_query($query);
     $user = mysql_fetch_array($result);
 
     // Using the salt, encrypt the given password to see if it 
     // matches the one in the database
     $encrypted_pass = md5(md5($password).$user['salt']);
 
     // Try and get the user using the username & encrypted pass
     $query = "select userid, username from user where username='$username' and password='$encrypted_pass'";
     $result = mysql_query($query);
     $user = mysql_fetch_array($result);
     $numrows = mysql_num_rows($result);
     
     // Now encrypt the data to be stored in the session
     $encrypted_id = md5($user['userid']);
     $encrypted_name = md5($user['username']);
 
     // Store the data in the session
     $_SESSION['userid'] = $userid;
     $_SESSION['username'] = $username;
     $_SESSION['encrypted_id'] = $encrypted_id;
     $_SESSION['encrypted_name'] = $encrypted_name;
 
 
    if ($numrows == 1)
    {
        return 'Correct';
    }
    else
    {
        return false;
    }
}
 
watson516
Forum Contributor
Posts: 198
Joined: Mon Mar 20, 2006 9:19 pm
Location: Hamilton, Ontario

Re: query

Post by watson516 »

You want to perform the registered check before the user can log in so I would say put that check at the top of the login function, no?
User avatar
paqman
Forum Contributor
Posts: 125
Joined: Sun Nov 14, 2004 7:41 pm
Location: Burnaby, BC, Canada

Re: query

Post by paqman »

Yes, set your session variables inside the if($numrows == 1) condition. That way, if they have the correct username/password combo it will log them in.
Post Reply