Thanks to everyone so far who has responded, but the other posts are going
down a different road than what I currently need.

In my code below I am building a login page.  I am continuing to do
different things to debug this problem myself and I think I have narrowed it
down a bit.  Like I said in my previous post...the program does work without
error, it just doesnt produce the expected results.  When I enter username1
and password 1 I get pasword1.  When I enter username2 and password2 I get
password2.  When I enter username2 and password1 I get password2.  This isnt
a very effective login program.

If you look at the last if statement:
    if (!$_POST['passw'] = mysql_result($result,0,"pass")){
      $error = "Invalid Password.<br>";
      echo "$error<br>";
    } else {
      printf("Password is %s<br>\n", mysql_result($result,0,"pass"));

I am trying to validate what is entered in the form with what is in the
database.  That looks like good code to me, but like I said before, when I
enter username2 and password1 I get password2.  I think $result should only
contain the row that username2 is in so the pass field should have
password2.  I believe it does.  But If I put password1 in the form and the
program checks to see if it is equil to password2 it should echo the error.

You may be able to tell, but I am getting really confused by this.

If anyone can help with this I would really appreciate it.


"Aaron Todd" <[EMAIL PROTECTED]> wrote in message
> I am just starting out with PHP and I have created a simple login program
> that is supposed to check users input with a mysql database.  I am doing 5
> verifications before the program is completed...Check for the Submit
> check for a valid email address(which is the username), check for a valid
> password, check to see if the username exists in the database, and finally
> check to see if the password matches the database for the coresponding
> username.  Currently you dont get access to a site you only get told what
> your password is in the database.
> Everything is technically working, but its not perfect and I think I need
> some help.  I have entered 2 records in the database for testing purposes.
> When I put in username1 and password1 it works.  The program returns the
> coresponding password.  When I change to username2 and still put in
> password1 it will return password1.
> I have done some debuging and I am unsure of what is really happening.  My
> code is below.  Would anyone be able to tell me what I am doing wrong.
> Thanks,
> Aaron
> <html>
> <body>
> <?php
> if ($submit) {
>   if
> -z{|}`]+\.'.'[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $username)) {
>     $error = "You must enter a valid email address for your
>     echo "$error<br>";
>   } else {
>     $db = mysql_connect("localhost", "username", "password");
>     mysql_select_db("database",$db);
>     $query = "SELECT * FROM users WHERE email LIKE '".$username."'";
>     echo "$query<br>";
>     $result = mysql_query($query,$db);
>     $num_rows = mysql_num_rows($result);
>     echo "There are $num_rows records matching $username<br>";
>     echo "Entered User Name:  $username<br>";
>     echo "Entered Password:  $passw<br>";
>     if (strlen($passw) < 6 || !preg_match('/[a-z]/i', $passw) ||
> !preg_match('/[0-9]/', $passw)) {
>       $error = "Invalid Password.  Must be greater than six characters
> containing at least one number.<br>";
>       echo "$error<br>";
>     } else {
>       if (!$num_rows){
>         $error = "Username was not found.  Please Register.";
>         echo "$error<br>";
>         die(mysql_error());
>       } else {
>         if (!$passw = mysql_result($result,0,"pass")){
>           $error = "Invalid Password.<br>";
>           echo "$error<br>";
>         } else {
>           printf("Password is %s<br>\n", mysql_result($result,0,"pass"));
>         }
>       }
>     }
>   }
> } else {
>   ?>
> <form method="post" action="<?php echo $PHP_SELF?>">
>   User Name:<input type="Text" name="username"><br>
>   Password:<input type="Text" name="passw"><br>
>   <input type="Submit" name="submit" value="Enter information">
>   </form>
> <?php
> } // end if
> ?>
> </body>
> </html>

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to