Page 1 of 1

passwords in mysql..

Posted: Thu Jun 13, 2002 1:43 am
by hob_goblin
Ok, I have passwords stored in mysql, I realize its not very secure, but im not hiding anything very secure at the moment...

here is the table i built:

CREATE TABLE users (
fid TINYINT not null AUTO_INCREMENT,
username varchar(80) NOT NULL,
password varchar(50) NOT NULL,
email varchar(150) NOT NULL,
aim varchar(60) NOT NULL,
PRIMARY KEY (fid)

);

now how do i check if the username and password entered is valid, and then execute some statements if it is valid?

Posted: Thu Jun 13, 2002 2:31 am
by Peter
In php...

<?

$conn = mysql_connect("host","user","pass") or die("Error: Connection");

mysql_select_db("database with user table") or die("Error: Database?");

// using the variables from user input - $username, $password
$qry = mysql_query("select * from table where username='$username' and password='$password'") or die("wrong username/password combination");

// from here you can grab data from the table and execute commands

mysql_close($conn);

?>

Posted: Thu Jun 13, 2002 6:37 am
by jason
Just an addon to the above code...to actually make it work as intended...

Code: Select all

<? 

$conn = mysql_connect("host","user","pass") or die("Error: Connection"); 

mysql_select_db("database with user table") or die("Error: Database?"); 

// using the variables from user input - $username, $password 
$qry = mysql_query("select * from table where username='$username' and password='$password'") or die("wrong username/password combination"); 

if ( mysql_num_rows($qry) ) &#123;
    // person is logged in....
&#125; else &#123;
    // person did wrong user/pass
&#125;

// from here you can grab data from the table and execute commands 

mysql_close($conn); 

?>