[thelist] best way to check for valid user/password in PHP
Tom Dell'Aringa
pixelmech at yahoo.com
Thu Jan 9 13:27:01 CST 2003
I'm having a bit of trouble with checking vs. a valid username and
password in my PHP script. The password check seems to work but the
username check does not. Here is my code:
-------------------------------------------
$result = @mysql_query("SELECT password, username FROM reguser WHERE
username = '$username'");
if(!$result) {
//print error
die();
}
$row = mysql_fetch_array($result);
$checkpass = $row["password"];
$checkuser = $row["username"];
if($username != $checkuser)
{
$msg = "Sorry there is no user by that name...";
header("Location: userentry.php?msg=$msg");
}
if($password != $checkpass)
{
$msg = "Password incorrect...";
header("Location: userentry.php?msg=$msg");
}
--------------------------------------------------
When I enter a fake username I don't get that error message, it skips
to the password message. I had tried using
if(!mysql_numrows(@mysql_query($result)))
to check to see if there were no rows returned for user, but if I do
that iI have to take the @mysql_query() function out of my query at
the top. If I do this, I can't pull my rows that I DO need if its
okay using $row = mysql_fetch_array($result), It seems I have to do
another query...which of course would not be right..i be confused..
TIA
Tom
=====
var me = tom.pixelmech.webDeveloper();
http://www.pixelmech.com/
http://www.maccaws.com/
[Making A Commercial Case for Adopting Web Standards]
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
More information about the thelist
mailing list