0

OK,
Here's what I have.
This is my simple form.

<form action="log_test.php" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" value="Log in">

</form>

and here is my script

$query = "SELECT userId, password FROM table";

$result = mysql_query($query);

while($row = mysql_fetch_array($result))
{
	echo $row['userId'];
	echo $row['password'];
}

I got it pulling up and printing everything in the database, but how can I take the user input and see if it matches one in the database.

I don't think it works the way I'm doing it, maybe because I am trying to match one user input to all the database.
But that's just a guess.
Thanks
Dan

5
Contributors
5
Replies
6
Views
7 Years
Discussion Span
Last Post by rajarajan07
0

Firstly, you have to retrieve (and validate) the values entered in the form, something like this:

$user=$_POST['username'];
      $pass=$_POST['password'];

and then add a WHERE clause to your SELECT statement:

$query = "SELECT userId, password FROM table WHERE userId='$user' AND password='$pass'";
0
<?php
$username = $_POST['username'];
$password = $_POST['password'];

if (!$username or !$password) {
    echo 'make sure you entered the required fields';
    exit(0);
}

$query = "SELECT password FROM table WHERE userId = '$username'";
$dbarray = mysql_fetch_array($query);

if ($password == $dbarray['u_passwd']) {
		echo 'Password match'; 
} else {
		echo 'Password Fail'; 	
                exit(0);
}
?>

You will probably want to increase the security of your login script by using encryption and other validation... But let's do it one step at a time!

Edited by nonshatter: n/a

0

There is error occurs while execution of above program.
mysql_fetch_array() function is not valid.

0

You have to add this line right before you try to fetch an array (it practically executes your query):

$resource = mysql_query($query) or die(mysql_error());

Once your MySQL resource is ready you use mysql_fetch_array:

$dbarray = mysql_fetch_array($resource);
0
uid=$_POST['username'];
pwd=$_POST['password'];
$query = "SELECT * FROM table where userId='$uid' and password='$pwd'";
$result = mysql_query($query);

if (mysql_num_rows($result) > 0) { 
echo "Match Found";
while($row = mysql_fetch_array($result))
{
	echo $row['userId'];
	echo $row['password'];
}
}else echo "No Match Found";
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.