RE: [PHP-WIN] Re: Password Protection

Thu, 19 Jul 2001 04:36:39 -0700 

It is more correct to use 'else' as a default error catch. It is
far better to turn it aroud like;

<?
$result = mysql_query("SELECT password, author FROM newsauthors WHERE 
author='$name' AND password='$code'");
// If no rows are returned the user is not valid
// However if two rows are return there is also a problem!
if(mysql_num_rows($result) != 0):
   {
   while($result):  // Loop through $result array
      {
      $stored_password=$result[0];
      $stored_author=$result[1];
      // Check author and pasword match
      if(($stored_password == $code) && ($stored_author == $name)):
          {
          Print "Correct password"; // if correct
          }
      else:
          {
          Print "Authetication failed";  // if failed
          }
      end if;
      }
   end  while;
   } 
// If no rows found in DB to match author and password
else:
   {
    Print "Authentication failed";
   }
end if;

Have fun & hope this helps

Regards EF

>===== Original Message From "elias" <[EMAIL PROTECTED]> =====
>try like that:
><?
>$result = mysql_query("SELECT password FROM newsauthors WHERE author='$name'
>AND password='$code'");
>if (mysql_num_rows($result) == 0)
>{
>// sorry wrong password
>} else { // correct pwd }
>
>
>"Nintendoodle" <[EMAIL PROTECTED]> wrote in message
>002701c10ff5$bb273e80$[EMAIL PROTECTED]">news:002701c10ff5$bb273e80$[EMAIL PROTECTED]...
>I am trying to get a content management system up and running on my site. I
>want to have the thing password protected, and this was how I was going
>about it, passing on name and password variables in the urls of the
>management system. However, this doesnt work, it just says your password in
>correct, even when it is not.
>
>Any help ?
>
><?php
>$code = mysql_query("SELECT password FROM newsauthors WHERE $name =
>author");
>?>
><?php
>if ($code = $password) {
>?>
>//Content manager stuff goes here
><?
>} else {
>echo( "You have entered an incorrect password, or you do not have access to
>this part of the Staff area. Please press back on your browser and re-enter
>details." );
>}
>?>
>
>Thanks in advance
>
>
>
>
>--
>PHP Windows Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]


-- 
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to