e-
From: Hutchins, Richard [mailto:[EMAIL PROTECTED]
Sent: Monday, July 19, 2004 12:38 PM
To: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] Begining PHP...Have Questions
Trade in those commas around your $_POST['username'] for some periods.
Rich
> -Original Message-
> From:
On Mon, 2004-07-19 at 14:08, Aaron Todd wrote:
> That makes great sence, however when I tried using $_POST in my SQL
> statement it would not work.
>
> This works fine:
> $query = "SELECT * FROM users WHERE email='".$username."'";
> But this one doesnt at all:
> $query = "SELECT * FROM users WHERE
Trade in those commas around your $_POST['username'] for some periods.
Rich
> -Original Message-
> From: Aaron Todd [mailto:[EMAIL PROTECTED]
> Sent: Monday, July 19, 2004 2:08 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [PHP-DB] Begining PHP...Have Questions
Jon,
The table contains 2 fields...email and pass. My plan is to use the email
address as the username.
$query = "SELECT * FROM users WHERE email='".$username."'";
I used this query because a persons whole email address should be unique. I
didnt feel it was necessary to add the AND password= b
That makes great sence, however when I tried using $_POST in my SQL
statement it would not work.
This works fine:
$query = "SELECT * FROM users WHERE email='".$username."'";
But this one doesnt at all:
$query = "SELECT * FROM users WHERE email='",$_POST['username'],"'";
It does however work for
You want to use $_POST['username'] instead of $username everywhere you
have a POST variable. I believe this became the standard around PHP4.2.
Can you give us the table def and the results of that select? Also, can
you copy that query ( echo "$query";) into your next reply?
I think you're qu
You should generally $_POST for all posted variables, $_GET for all
"get" variables (in the query string / url), and the other
superglobals for other such things. If you don't care if it's POST,
GET, or a cookie, you can use $_REQUEST.
register_globals is a setting in your php.ini. It's best pract
Jon,
Thanks for the info. I did change the LIKE to =. This was done just for my
debugging. I do have it set to = on a normal basis.
I am a little unsure what you mean at the end of your reply about register
globals. Are you saying that everywhere I use $username to refer to the
users inputed
if you have shell access, please do the following
describe users;
select * from users;
also, why are you using LIKE instead of =?
use this instead:
$query = "SELECT * FROM users WHERE email = '".$username."'";
i would also suggest turning off register globals and using
$_POST['username'] and not $
