"Harlequin" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Another day another problem. This time it appears that users are able to
> enter their details but I get a query execution error with the following
> section of code:
>
> /* Verify Login */
> $sql = "SELECT UserFirstName,UserID,UserPassword FROM RegisteredMembers
> WHERE UserID='$_POST[TXT_UserID]'";
If your user id is of type int you don't need the quotes around the value.
But you definitely need quotes around your POST array key:
$sql = "SELECT UserFirstName,UserID,UserPassword FROM RegisteredMembers
WHERE UserID = $_POST['TXT_UserID']";
> $result = mysql_query($sql) or die ("couldn't select database");
> $num = mysql_num_rows($result);
> if ($num == 1) file://Login Name Was Found
> {
> $sql = "SELECT UserID FROM RegisteredMembers
> WHERE UserID='$_POST[TXT_UserID]'
> AND password=UserPassword('$_POST[TXT_UserPassword]')";
You already have the user id ($_POST[TXT_UserID]), so why select it?
Regards, Torsten
> $result2 = mysql_query($sql) or die("Couldn't execute query #2.");
>
> The next to last line is bugging me though. "AND password= etc. because I
> have a variable declared earlier in the logon page for TXT_UserPassword
and
> the UserPassword column exists but where in the hell is "password"...?
>
> Is this another of MySQLs "on the fly" variables...?
>
> --
> -----------------------------
> Michael Mason
> Arras People
> www.arraspeople.co.uk
> -----------------------------
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
