Re: [PHP-DB] php mysql comparing two rows in two columns for username and passwort
On 29 April 2010 16:44, Alexander Schunk wrote: > Hello, > > i have it now as follows: > > while($dbbenutzer = mysql_fetch_assoc($sqlbenutzername)) > while($dbpasswort = mysql_fetch_assoc($sqlpasswort)){ You have things very twisted. Check the code posted by Karl - you only need *ONE* row containing your *TWO* fields. mysql_fetch_assoc() retrieves that *ONE* row from a MySQL result set as an array - so having those two while statements will do you no good. Regards Peter -- WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind Flickr: http://www.flickr.com/photos/fake51 BeWelcome: Fake51 Couchsurfing: Fake51 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] php mysql comparing two rows in two columns for username and passwort
Yes. You are correct. Did not include that part, sry. Dont forget mysql_real_escape_string. :) Karl On Apr 29, 2010, at 9:37 AM, Peter Lind wrote: On 29 April 2010 15:00, Karl DeSaulniers wrote: Hi, Maybe try... $benutzername = $_GET['username']; $pass = $_GET['password']; $result = "SELECT * FROM usertable WHERE sqlbenutzername='$benutzername'"; Don't use values from $_GET without sanitizing first. If using mysql_* functions, sanitize with mysql_real_escape_string() first. while($r = mysql_fetch_row($result)) { $dbbenutzer = $r["sqlbenutzername"]; $dbpasswort = $r["sqlpasswort"]; } if($benutzername == $dbbenutzer && $pass == $dbpasswort){ This would work but only if you're storing passwords in the database in clear text - which is a Bad Thing and should be avoided. Hash the passwords before storing and compare with a hashed version, not the cleartext. Regards Peter -- WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind Flickr: http://www.flickr.com/photos/fake51 BeWelcome: Fake51 Couchsurfing: Fake51 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] php mysql comparing two rows in two columns for username and passwort
On 29 April 2010 15:00, Karl DeSaulniers wrote: > Hi, > Maybe try... > > $benutzername = $_GET['username']; > $pass = $_GET['password']; > > $result = "SELECT * FROM usertable WHERE sqlbenutzername='$benutzername'"; Don't use values from $_GET without sanitizing first. If using mysql_* functions, sanitize with mysql_real_escape_string() first. > while($r = mysql_fetch_row($result)) { > $dbbenutzer = $r["sqlbenutzername"]; > $dbpasswort = $r["sqlpasswort"]; > } > if($benutzername == $dbbenutzer && $pass == $dbpasswort){ This would work but only if you're storing passwords in the database in clear text - which is a Bad Thing and should be avoided. Hash the passwords before storing and compare with a hashed version, not the cleartext. Regards Peter -- WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind Flickr: http://www.flickr.com/photos/fake51 BeWelcome: Fake51 Couchsurfing: Fake51 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] php mysql comparing two rows in two columns for username and passwort
Hi, Maybe try... $benutzername = $_GET['username']; $pass = $_GET['password']; $result = "SELECT * FROM usertable WHERE sqlbenutzername='$benutzername'"; while($r = mysql_fetch_row($result)) { $dbbenutzer = $r["sqlbenutzername"]; $dbpasswort = $r["sqlpasswort"]; } if($benutzername == $dbbenutzer && $pass == $dbpasswort){ echo 'Sie haben sich erfolgreich angemeldet'; echo 'Willkommen'; Karl On Apr 29, 2010, at 7:25 AM, Alexander Schunk wrote: Hello, i am writing a small login script for a website. The username and passwort are stored in a database in two separate columns. I have it like this: while($dbbenutzer = mysql_fetch_row($sqlbenutzername)) while($dbpasswort = mysql_fetch_row($sqlpasswort)){ echo $dbbenutzer[$i]; echo $dbpasswort[$j]; if($benutzername == $dbbenutzer and $pass == $dbpasswort){ echo 'Sie haben sich erfolgreich angemeldet'; echo 'Willkommen'; } } } Sice the values are entries in rows in two columns, i use mysql_fetch_row to get the entries. Then i want to compare the returned values of the sql statement with the values provided by the user. My problem now is only get the first value pair of username and passwort, not the second. For instance the first value pair is moritz 123456 which i get returned but i dont get returned the second value pair thomas thorr. thank you yours sincerly Alexander Schunk -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] php mysql comparing two rows in two columns for username and passwort
Hello, i am writing a small login script for a website. The username and passwort are stored in a database in two separate columns. I have it like this: while($dbbenutzer = mysql_fetch_row($sqlbenutzername)) while($dbpasswort = mysql_fetch_row($sqlpasswort)){ echo $dbbenutzer[$i]; echo $dbpasswort[$j]; if($benutzername == $dbbenutzer and $pass == $dbpasswort){ echo 'Sie haben sich erfolgreich angemeldet'; echo 'Willkommen'; } } } Sice the values are entries in rows in two columns, i use mysql_fetch_row to get the entries. Then i want to compare the returned values of the sql statement with the values provided by the user. My problem now is only get the first value pair of username and passwort, not the second. For instance the first value pair is moritz 123456 which i get returned but i dont get returned the second value pair thomas thorr. thank you yours sincerly Alexander Schunk -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php