Page 1 of 1
mySQL
Posted: Wed Sep 04, 2002 9:52 pm
by Silver_Eclipse
say i have this date in my table
|ID|Name | Pass
1 |Name 1| Pass1
2 |Name 2| Pass2
how would i go about having it so that when they login it checks to make sure that the pass for that name is checked instead of checking the whole table for that password, because another user may have the password they enter but that password wouldnt match the one with the username entered.
Posted: Wed Sep 04, 2002 11:29 pm
by phice
This shall be moved to the MySQL Forum.
Code: Select all
SELECT * FROM members WHERE username = $username AND password = $password
I know there is a better way, but this is by far the easiest.
Posted: Thu Sep 05, 2002 12:40 am
by Takuma
Apply the code like this:-
Code: Select all
<?php
mysql_connect("localhost","username","password") or die ("Failed to establish connection with MySQL");
mysql_select_db("database") or die ("Failed to select a database");
//You should encrypt password like
//$_POSTї'password'] = md5($_POSTї'password']);
$sql = "SELECT * FROM your_table WHERE Name = {$_POSTї'username']} AND WHERE Pass = {$_POSTї'password']}"
$result = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($result) == 0) {
echo "Invalid Password";
}
while($row = mysql_fetch_array($result) {
if($rowї"Name"] == $_POSTї'username'] && $rowї"Pass"] == $_POSTї'password']) {
echo "Login Success";
} else {
echo "Failed to login";
}
}
?>
Posted: Thu Sep 05, 2002 3:32 pm
by Silver_Eclipse
but if say this is their information:
Username: user99
Pass: pass99
and another users information is
Username: user_01
Pass: pass99
but user99 changes their password to pass00 and tries to login with pass99, it would still let them in because that password exists even though it isnt the one that goes with their username.
Edit:im guessing this part takes care of that:
Code: Select all
while($row = mysql_fetch_array($result) {
if($rowї"Name"] == $_POSTї'username'] && $rowї"Pass"] == $_POSTї'password']) {
echo "Login Success";
} else {
echo "Failed to login";
}
}
let me know if i'm wrong though (and if i am right so i don't keep asking more questions).
also what is & for?
Posted: Thu Sep 05, 2002 5:14 pm
by phice
It's an HTML code... It changed it the 'AND' (&) symbol. Much like, my oh so favorite, ( ) which is a space.
Posted: Thu Sep 05, 2002 7:35 pm
by Silver_Eclipse
well i knew it had to be one of those symbols like that, just wanted to know what it did since i hardly ever use those (except for   heh).
Posted: Thu Sep 05, 2002 7:43 pm
by volka
the query string phice wrote would work.
Only records that match both conditions (username = $username AND password = $password ) will be delivered. There's no need for additional testing in php. But you should put the strings in ''.
Code: Select all
$query = "SELECT * FROM members WHERE username = '$username' AND password = '$password'";