Query issues using AND

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
johnnymac131
Forum Newbie
Posts: 11
Joined: Sun Oct 28, 2007 11:51 am

Query issues using AND

Post by johnnymac131 »

I need to write the following in php code: the variables are varchar

Code: Select all

Select * FROM users WHERE username = $username AND password = $password

Code: Select all

$query = "SELECT * FROM users WHERE username='" . mysql_real_escape_string($username) . "'";
Rovas
Forum Contributor
Posts: 272
Joined: Mon Aug 21, 2006 7:09 am
Location: Romania

Post by Rovas »

Check the result from mysql_real_escape_string.
User avatar
aceconcepts
DevNet Resident
Posts: 1424
Joined: Mon Feb 06, 2006 11:26 am
Location: London

Post by aceconcepts »

Why dont you use mysql_real_escape_string before your query?
johnnymac131
Forum Newbie
Posts: 11
Joined: Sun Oct 28, 2007 11:51 am

Post by johnnymac131 »

It works but i dont know how to add the "AND" part after the query
User avatar
aceconcepts
DevNet Resident
Posts: 1424
Joined: Mon Feb 06, 2006 11:26 am
Location: London

Post by aceconcepts »

Code: Select all

$query = sprintf("SELECT * FROM users WHERE username='%s' AND password='$password'", mysql_real_escape_string($username));
Password encryption would be a good idea if not already done (MD5 etc...)
Post Reply