Hedi
Reputation: 322
check username and password
I want check if a username and password exist in my database or not, but my code have problem and I couldn't find it.
$result=mysql_query("SELECT C_ID FROM customer WHERE C_NNAME ='".$_POST['username']."' AND C_PASS = '".$_POST['pass']."'");
if($result=='FALSE'){
$word .= select_key('keyword', 'K_ID', 'password');
}
else
{
$word.= select_key('keyword', 'K_ID', 'Please Complete Feilds');
}
Upvotes: 1
Views: 250
Answers (3)
blockhead
Reputation: 9705
You need to use mysql_num_rows to find out if there was any results.
Upvotes: 0
Dave_Peachy
Reputation: 498
$name = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['pass']);
$result = mysql_query("SELECT C_ID FROM customer WHERE C_NNAME ='$name' AND C_PASS = '$password'");
if(mysql_num_rows($result) > 0) {
// There's a match
} else {
// There's no match
}
Also please don't use mysql_ functions use mysqli_ or stores procedures. The code is not secure against sql injection not a good idea to use this on a public website.
Upvotes: 1
Repox
Reputation: 15476
Other than your SQL injections problems, you are using the superglobal array $_POST wrong (as you are naming it $post).
Try using the correct superglobal variable name - and Google for SQL injections.
Upvotes: 2
Related Questions
- How to check username and password matches the database values
- PHP/SQL Login Form - how to check password in database
- Check username/password on wordpress
- sql / php - login check
- Checking if Username and Password are correct
- username and password validation in php mysql
- Use SQL to check if user exists in database
- Verify Login Details to MySQL
- Checking account details through php and sql
- Check if database credentials are valid?