PHP and Mysql relationship

Anon

I have been having a problem with really understanding how you can take your information from a form then compare it to what is in the database. I have been through numerous DOC files, Email Lists, and books. I apparently have not found anything to help me truly understand. I am still new at this and find myself trying to code in PHP like I would in PERL. Here is what I am doing.

$result = mysql_db_query ("accent", "select * from Customers WHERE CustID=$Pass1 AND CustNumb=$Pass2 AND CustName=$User");
if ( ! mysql_num_rows($result)) {
echo "<H1>Error!!! You do not have access or mistyped</h2>" ;
} else {

$webpage = "http://www.accentsystems.com";
$fp = fopen( $webpage, "r" ) or die ("COuld not open");
print fgets ( $fp, 1024) ;
}

I am basically taking a number and a name and seeing if they are in the database. If this is true and they match lets move on to the next page. I think my problem is that do not understand what (mysql_num_rows or mysql_fetch_object) to use here.

If anyone can help and/or point me in a direction to get a better understanding I would appreciate it.

Bill Marlin

Anon

Well, here is the problem. Take the following code:

$result = mysql_db_query ("accent", "select * from Customers WHERE CustID=$Pass1 AND CustNumb=$Pass2 AND CustName=$User");
if (mysql_num_rows($result) == 0) { // There are no rows returned, the credentials are not valid
echo "<H1>Error!!! You do not have access or mistyped</h2>" ;
} else {

$webpage = "http://www.accentsystems.com";
$fp = fopen( $webpage, "r" ) or die ("COuld not open");
print fgets ( $fp, 1024) ;
}

... mysql_num_rows returns an int that corresponds to the number of rows your query returned. I don't like using this because if you decide to move to another database platform (i.e. oracle), some databases do not provide for the number of rows. So, what I would do is the following:

$result = mysql_db_query ("accent", "select * from Customers WHERE CustID=$Pass1 AND CustNumb=$Pass2 AND CustName=$User");
if (!($row = @mysql_fetch_object($result)) {
echo "<H1>Error!!! You do not have access or mistyped</h2>" ;
} else {
$webpage = "http://www.accentsystems.com";
$fp = fopen( $webpage, "r" ) or die ("COuld not open");
print fgets ( $fp, 1024) ;
}

What the above does ($row = @mysql_fetch_object($result)) is pulls the first row from the result set. If it returns false (i.e. no record), then the condition is satisfied (double negative). The @ sign in front of the function merely tells it to suppress error messages, so you don't get any unwanted output. I hope that helps. If you have any other questions feel free to mail me.

Chris King