Checking Username and Password

wanted420

I set up a form to enter in a username and password. How would validate if the username and password are the same as the one in my db? using php and mysql

drag0n

read up on mysql about the subject:
mysql_num_rows

Sharif

I won't give you the exact answer since you need to learn it but I'll give you the process.

First you do your mysql query:

SELECT username, password FROM <table> WHERE username = '<variable for the username field>' AND password = '<variable for password field>'

Then you execute an IF statement to check if the username and password given exists:

if (mysql_num_rows(<variable for query>) > 0)

If there is such a username and password in the database, then you can execute more code... like a "Success" message. If now, you use an else statement to execute a "Login Unsucessful" message. So it's like this:

if (mysql_num_rows(<variable for query>) > 0)
{
YOUR CODE FOR SUCCESS
}
else
{
YOUR CODE FOR FAILURE
}

Simple as that.

wanted420

thank you for the replies and for puting me on the right path. I know i need to read more but i just am not understanding it right now. but thanks again.

wanted420

again thank for the help but one more ? if you dont mind answering. you said this:

SELECT username, password FROM <table> WHERE username = '<variable for the username field>' AND password = '<variable for password field>'

how do i get the username into the variable from a form asking for the username?
ex:
Username:<input type="text" name="user">
what do i use to get what they enter stored in the variable?

wanted420

Even if you can just point me to a good tutorial site that would be great!!! thanks again

wanted420

YES!!!!!!!!!!!! i figured it out!!!! but still tutorials would be nice. thanks for all the help!!!🙂 🙂 🙂 🙂 🙂 🙂 🙂 🙂 🙂 🙂

Sharif

wanted420, post you code here and I'll check to see if there is anything you should change/improve.

wanted420

Here is the registering part of the code:

<html>

<head>

	<link rel="stylesheet" type="text/css" href="eg.css" />

</head>


<body  vlink="#c0c0c0">



<?php



if ($submit)
{
	if (strlen($username) < 4 || strlen($password) < 4)
	{
	echo "Username and Password must be atleast 4 characters.\n";
	}

else
{


	// process form when submit is clicked

	$db = mysql_connect("localhost", "root");

	 mysql_select_db("members",$db);

	 $sql = "INSERT INTO members (username, password, fname, lname, email) VALUES 	 							('$username','$password','$fname','$lname','$email')";

	$result = mysql_query($sql);

	 echo "Thank you for signing up.\n";

}
}	
else
{



  // display form before submit button is clicked



  ?>



  <form method="post" action="<?php echo $PHP_SELF?>">

  <h3>Username:</h3><input type="Text" name="username">

  <h3>Password:</h3><input type="password" name="password">

  <h3>First Name:</h3><input type="Text" name="fname">

  <h3>Last Name:</h3><input type="Text" name="lname">

  <h3>E-Mail:</h3><input type="Text" name="email">

  <br><br>

  <input type="Submit" name="submit" value="Submit">



  </form>



  <?php



} // end if



?>


</body>



</html>

Here is the login section:

<html>

<head>
		<link rel="stylesheet" type="text/css" href="eg.css" />
</head>

<body>
<?php

if($submit)
{
$db = mysql_connect("localhost", "root");
mysql_select_db("members",$db);
$user = "SELECT username,password FROM members WHERE username = '$username' AND password = 

'$password'";
$result = mysql_query($user);

if (mysql_num_rows($result) > 0)
{
echo "Yeah";
}
else
{
echo "shit";
}

}
else
{
?>

<form method="post" action="<?php echo $PHP_SELF?>">


<h3>Username:</h3><input type="Text" name="username">

<h3>Password:</h3><input type="password" name="password">
<input type="submit" name="submit" value="submit">


<?php
}

?>

</body>
</html>

Sharif

Code looks good. Good work.

wanted420

Thanks.