The function below works when I pass in a valid username and password and returns '1'. When I pass a username and password that is not in the database it still returns '1'. I have put some echo statements in for debugging and the value of $numresult is always '1'. Does mysql_num_rows retain results in memory or something like that or am I completely going down the wrong road?
function VerifyLogin($user, $pass) { $conn = $this->DB_Connect(); $query = "select count(*) from users where " ."username = '$user' and " ."password = '$pass'"; $result = mysql_query($query); if(!$result) { echo 'Cannot run query.'; echo 'user = ' .$user; echo 'pass = ' .$pass; echo 'query = ' .$query; echo 'result = ' .$result; $numresult = mysql_num_rows($result); echo 'numresult = ' .$numresult; exit; } else { $numresult = mysql_num_rows($result); echo 'numresult = ' .$numresult; } //if a row exists we have a correct username/password if (mysql_num_rows($result) == 1) { return 1; } // else username and/or password is wrong { return 0; } } Thanks in advance Mark **************************************************** This e-mail is intended for the recipient only and may contain confidential information. If you are not the intended recipient then you should reply to the sender and take no further ation based upon the content of the message. Internet e-mails are not necessarily secure and CCM Limited does not accept any responsibility for changes made to this message. Although checks have been made to ensure this message and any attchments are free from viruses the recipient should ensure that this is the case. **************************************************** -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php