say i have this date in my table
|ID|Name | Pass
1 |Name 1| Pass1
2 |Name 2| Pass2
how would i go about having it so that when they login it checks to make sure that the pass for that name is checked instead of checking the whole table for that password, because another user may have the password they enter but that password wouldnt match the one with the username entered.
mySQL
Moderator: General Moderators
This shall be moved to the MySQL Forum.
I know there is a better way, but this is by far the easiest.
Code: Select all
SELECT * FROM members WHERE username = $username AND password = $passwordApply the code like this:-
Code: Select all
<?php
mysql_connect("localhost","username","password") or die ("Failed to establish connection with MySQL");
mysql_select_db("database") or die ("Failed to select a database");
//You should encrypt password like
//$_POSTї'password'] = md5($_POSTї'password']);
$sql = "SELECT * FROM your_table WHERE Name = {$_POSTї'username']} AND WHERE Pass = {$_POSTї'password']}"
$result = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($result) == 0) {
echo "Invalid Password";
}
while($row = mysql_fetch_array($result) {
if($rowї"Name"] == $_POSTї'username'] && $rowї"Pass"] == $_POSTї'password']) {
echo "Login Success";
} else {
echo "Failed to login";
}
}
?>-
Silver_Eclipse
- Forum Commoner
- Posts: 61
- Joined: Sun Aug 18, 2002 7:26 pm
but if say this is their information:
Username: user99
Pass: pass99
and another users information is
Username: user_01
Pass: pass99
but user99 changes their password to pass00 and tries to login with pass99, it would still let them in because that password exists even though it isnt the one that goes with their username.
Edit:im guessing this part takes care of that:
let me know if i'm wrong though (and if i am right so i don't keep asking more questions).
also what is & for?
Username: user99
Pass: pass99
and another users information is
Username: user_01
Pass: pass99
but user99 changes their password to pass00 and tries to login with pass99, it would still let them in because that password exists even though it isnt the one that goes with their username.
Edit:im guessing this part takes care of that:
Code: Select all
while($row = mysql_fetch_array($result) {
if($rowї"Name"] == $_POSTї'username'] && $rowї"Pass"] == $_POSTї'password']) {
echo "Login Success";
} else {
echo "Failed to login";
}
}also what is & for?
-
Silver_Eclipse
- Forum Commoner
- Posts: 61
- Joined: Sun Aug 18, 2002 7:26 pm
the query string phice wrote would work.
Only records that match both conditions (username = $username AND password = $password ) will be delivered. There's no need for additional testing in php. But you should put the strings in ''.
Only records that match both conditions (username = $username AND password = $password ) will be delivered. There's no need for additional testing in php. But you should put the strings in ''.
Code: Select all
$query = "SELECT * FROM members WHERE username = '$username' AND password = '$password'";