Reply to Re: php and MySQL — PHP Programming Language

Posted by Nicholas Sherlock on 09/26/68 11:43

comp_guy wrote:
> I wish to compare the password entered by
> the user with that they entered into their submitted registration

> $sql = mysql_query("SELECT * FROM users WHERE password = '$password'");

Um, don't you want to match usernames and passwords? Here, if one user
has the password "Test", then everyone can log in with the password
"Test". I'd:

$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc","my
password here");

$password=$_POST['password'];
$username=$_POST['username'];

mysql_select_db("sjcdb",$connection) or die("failed!");

$result = mysql_query("SELECT * FROM users WHERE username='$username'
AND password = '$password'") or die(mysql_error());

$rows = mysql_num_rows($result);

mysql_close();

if ($rows>0){
header("Location:members.html");
} else {
header("Location:register.html");
exit;
}

Cheers,
Nicholas Sherlock

--
http://www.sherlocksoftware.org

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация