Re: [PHP] Trying to understand sessions and using them to authenticate...

Tue, 28 Aug 2007 07:22:18 -0700 

On 8/28/07, Jason Pruim <[EMAIL PROTECTED]> wrote:
>
> On Aug 28, 2007, at 10:03 AM, Daniel Brown wrote:
>
> > On 8/28/07, Jason Pruim <[EMAIL PROTECTED]> wrote:
> > [snip]
> >>>         $sql = "SELECT * FROM users WHERE user='".$user."' AND
> >>> pass='".$pass."' LIMIT 0,1;";
> >>>         $result = mysql_query($sql) or die("Wrong data supplied or
> >>> database error");
> >>>         while($row = mysql_fetch_array($result)) {
> >
> >     Sounds to me like you're not getting through the while() clause,
> > meaning that there's no matching rows in the database.
> >
> >     $sql = "SELECT * FROM login WHERE loginid='".$user."' AND
> > email='".$pass."' LIMIT 0,1;";
> >
> >     Is the password they supply in the `email` column of the database?
>
> Yes it is... For now... I am just using test/test and I had a field
> named password in the database but thought that was messing it up, so
> I dropped that field and currently I am just using the e-mail field
> as a password.
>
> Once it works I'll change the field to a more appropriate selection
> with MD5 hashing, and maybe even a little salt in the hash. (Gotta
> add the flavor!)
>
>
> --
>
> Jason Pruim
> Raoset Inc.
> Technology Manager
> MQC Specialist
> 3251 132nd ave
> Holland, MI, 49424
> www.raoset.com
> [EMAIL PROTECTED]
>
>
>

    If you have phpMyAdmin installed on that server, J, try using the
"search" tab to see if you can find that user/email combination in the
database using = and not LIKE.

    Perhaps there's a whitespace or something of the like that's
causing it to return zero rows.

    Also, try doing this after the $result = mysql_query($sql); line:

        die("Number of rows returned by MySQL: ".mysql_num_rows($result));

-- 
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Hey, PHP-General list....
50% off for life on web hosting plans $10/mo. or more at
http://www.pilotpig.net/.
Use the coupon code phpgeneralaug07
Register domains for about $0.01 more than what it costs me at
http://domains.pilotpig.net/.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to