Page 1 of 1
mysql
Posted: Thu Jun 10, 2004 9:58 pm
by ol4pr0
Where did i go wrong
Code: Select all
<?php
$encrypted_password = "SELECT password FROM users WHERE login={$_REQUEST['login']}";
if (crypt($_REQUEST['password'],$encrypted_password)==$encrypted_password)
{
echo ("logged in");
}
// the following returns the right user and password..
// but no echo logged in.
echo $encrypted_password;
echo $_REQUEST['password'];
?>
Posted: Thu Jun 10, 2004 10:01 pm
by markl999
$encrypted_password = "SELECT password FROM users WHERE login={$_REQUEST['login']}";
should be
$encrypted_password = "SELECT password FROM users WHERE login='{$_REQUEST['login']}'";
and unless you didn't actually post it, i don't see where you perform the actual query and get the results with a mysql_fetch_* ?
Posted: Thu Jun 10, 2004 10:18 pm
by ol4pr0
I do see my error with getting the results back of the actual query, however adding that didnt make much differants
Also i do not see where/why, or how i should put in the fetch_
Posted: Thu Jun 10, 2004 10:24 pm
by markl999
Well you seem to want to be performing a query, "SELECT password FROM users WHERE login='{$_REQUEST['login']}'" but you never actual perform a query. E.g something like:
Code: Select all
$sql = "SELECT password FROM users WHERE login='{$_REQUEST['login']}'";
//connect to the db here etc..etc..
$result = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($result)){
$row = mysql_fetch_assoc($result);
$encrypted_password = $row['password'];
if (crypt($_REQUEST['password'],$encrypted_password)==$encrypted_password) {
echo 'logged in';
} else {
echo 'not logged in';
}
} else {
echo 'no rows returned from the database.';
}
Posted: Thu Jun 10, 2004 10:29 pm
by ol4pr0
I believe i understand partly how and why, i will read this a couple of times more untill i completely understand
thanks
Posted: Thu Jun 10, 2004 11:20 pm
by tim
what hes trying to say is:
$sql = "SELECT * FROM tim_table";
alone, is useless.
$sql = "SELECT * FROM tim_table";
$result = mysql_query($sql);
is good.