mysql

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
User avatar
ol4pr0
Forum Regular
Posts: 926
Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador

mysql

Post by ol4pr0 »

Where did i go wrong

Code: Select all

<?php
$encrypted_password = "SELECT password FROM users WHERE login={$_REQUEST['login']}";
	if (crypt($_REQUEST['password'],$encrypted_password)==$encrypted_password)
	{
		echo ("logged in");
	}
// the following returns the right user and password..
// but no echo logged in.

echo $encrypted_password;
echo $_REQUEST['password'];



?>
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

$encrypted_password = "SELECT password FROM users WHERE login={$_REQUEST['login']}";
should be
$encrypted_password = "SELECT password FROM users WHERE login='{$_REQUEST['login']}'";

and unless you didn't actually post it, i don't see where you perform the actual query and get the results with a mysql_fetch_* ?
User avatar
ol4pr0
Forum Regular
Posts: 926
Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador

Post by ol4pr0 »

I do see my error with getting the results back of the actual query, however adding that didnt make much differants

Also i do not see where/why, or how i should put in the fetch_
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

Well you seem to want to be performing a query, "SELECT password FROM users WHERE login='{$_REQUEST['login']}'" but you never actual perform a query. E.g something like:

Code: Select all

$sql = "SELECT password FROM users WHERE login='{$_REQUEST['login']}'"; 
//connect to the db here etc..etc..
$result = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($result)){
    $row = mysql_fetch_assoc($result);
    $encrypted_password = $row['password'];
    if (crypt($_REQUEST['password'],$encrypted_password)==$encrypted_password) {
       echo 'logged in';
   } else {
        echo 'not logged in';
   }
} else {
     echo 'no rows returned from the database.';
}
User avatar
ol4pr0
Forum Regular
Posts: 926
Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador

Post by ol4pr0 »

I believe i understand partly how and why, i will read this a couple of times more untill i completely understand :)

thanks
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

what hes trying to say is:
$sql = "SELECT * FROM tim_table";

alone, is useless.

$sql = "SELECT * FROM tim_table";
$result = mysql_query($sql);

is good.
Post Reply