No Result from MySQL Query

lilRachie

I'm trying to compare DB info with the users login input

<?
ob_start();
$user = $_POST['user'];
$pass = $_POST['password'];

include('connect.php');
$table = "tablename";
$sql = "SELECT * FROM $table WHERE 'username' = $user";
$result = mysql_query($sql);

//$fetch =  (mysql_fetch_assoc($result);
//$row = explode(" " , $fetch);
//list($rowID,$userq,$passq) = $row;

//$userq = "echo $row['1'];
//$passq = "echo $row['2'];


//print_r($row);
//print_r($userq);

/*
if ($user == $userq && $pass == $passq)
{
	mysql_close($db_conn);
	include('phplogin.php');
}
	else {
	mysql_close($db_conn);
	header("Location: http://www.url.com/livetest/testsite/sorry.html");
	exit;
}
*/
;


?>
<html><body>
<? 
if($result){
echo "result found";
}
else{
echo "no result found";
}
echo "$user";
 ?>
</body></html>
[code=php]

All I'm getting is
no result foundtestuser2

What gives my DB connect is fine

lilRachie

jamie85

Firstly you can add the password in your sql query:

SELECT * FROM tablename WHERE username = '$name' AND password = '$pass'

Then you just call mysql_num_rows() instead of mysql_fetch_assoc().

mysql_num_rows() returns the number of rows matching your query. If it returns 1, then you have 1 match, and the users name and password is correct. This also saves you extra code such as

if ($user == $userq && $pass == $passq)

as the comparisons were done by the SQL.

ps. You should use strcmp() or '===' to compare strings, not

if ( string1 == string2 )