The function below works when I pass in a valid username and password and
returns '1'. When I pass a username and password that is not in the database
it still returns '1'. I have put some echo statements in for debugging and
the value of $numresult is always '1'. Does mysql_num_rows retain results in
memory or something like that or am I completely going down the wrong road?
function VerifyLogin($user, $pass)
{
$conn = $this->DB_Connect();
$query = "select count(*) from users where "
."username = '$user' and "
."password = '$pass'";
$result = mysql_query($query);
if(!$result)
{
echo 'Cannot run query.';
echo 'user = ' .$user;
echo 'pass = ' .$pass;
echo 'query = ' .$query;
echo 'result = ' .$result;
$numresult = mysql_num_rows($result);
echo 'numresult = ' .$numresult;
exit;
}
else
{
$numresult = mysql_num_rows($result);
echo 'numresult = ' .$numresult;
}
//if a row exists we have a correct username/password
if (mysql_num_rows($result) == 1)
{
return 1;
}
// else username and/or password is wrong
{
return 0;
}
}
Thanks in advance
Mark
****************************************************
This e-mail is intended for the recipient only and
may contain confidential information. If you are
not the intended recipient then you should reply
to the sender and take no further ation based
upon the content of the message.
Internet e-mails are not necessarily secure and
CCM Limited does not accept any responsibility
for changes made to this message.
Although checks have been made to ensure this
message and any attchments are free from viruses
the recipient should ensure that this is the case.
****************************************************
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
