PHP and mysql: Login query??

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Snaked
    New Member
    • Mar 2008
    • 11
    #1

    PHP and mysql: Login query??

    Code:
    function log_in($uname,$pword){
		if (mysql_num_rows(mysql_query("SELECT `iduser`, `cardno` FROM `user` WHERE `uname` = 'Steffan_James' AND `pword` = 'collingwoodcard'"))){
		$res = mysql_query("SELECT * FROM `user` WHERE `uname` = 'Steffan_James' AND `pword` = 'collingwoodcard' LIMIT 1");
		$row = mysql_fetch_array($res);
		setcookie('id',$row["iduser"],2592000 + time(),'/');
		setcookie('cno',$row["cardno"],2592000 + time(),'/');
		return 1;
		} else {return 0;}
}
    That's it. I've filled the query with some test details, and i know that my passwords are insecure.

    It won't log in, even though the query runs fine on PHPMyAdmin...
    Tags: None
    • Atli
      Recognized Expert Expert
      • Nov 2006
      • 5062
      #2
      This code is very inefficient. You are executing the query twice, when doing it once would be perfectly fine. Not to mention that the second time you are getting all the fields, not just those you are using.

      Try doing something more like:
      [code=php]
      function doLogin()
      {
      $sql = "SELECT id, whatever FROM user WHERE uname = 'name' AND pwd = 'pass'";
      $res = mysql_query($sq l) or die("Login query failed: ". mysql_error());
      if(mysql_num_ro ws($res)) {
      // Set cookies and stuff here...
      return true;
      }
      else {
      return false;
      }
      }
      [/code]
      Try that and see if it helps any.

        Comment

        • Snaked
          New Member
          • Mar 2008
          • 11
          #3
          I realize what went wrong now... I FORGOT TO CONNECT TO THE DATABASE. Thanks for your help.

            Comment

            Previous template Next
            Working...