Login

Dignity · (This post was last modified: 08-13-2011, 01:29 PM by Eyrk.)

I have two questions about PHP+SQL.

How do I check if something exists in a table? - Done
How to I check if something equals something?

By "equals something" I mean something like

Code:
if Pass='$psw'

setcookie("User", "");

Only in SQL.

Chaos · (This post was last modified: 08-12-2011, 09:42 PM by manbat116.)

I don't know much SQL, but why don't you make a variable for the SQL, then check it like:

[lua]
<?php

$okay = TRUE;

$sql = "SQL HERE";
if $sql == "$sql {
$okay = FALSE;
}

?>

[/lua]

That may have errors, I just did it off the top of my head. But it may work.

Dignity · 08-13-2011, 01:31 PM

Let me re-state my question.

I have a login system, and for login, how do I check if the input equals the data?

Chaos · (This post was last modified: 08-13-2011, 05:06 PM by manbat116.)

Oh that's easy!

(password1 is your password, password2 is the one where you confirm it)

[lua]
if($password1 != $password2) {
header('Location: register.php');
}

if(strlen($username > 30) {
header('Location: register.php');
}
[/lua]

By the way, I would add in an error message. But that's how you do it.

Dignity · 08-13-2011, 05:05 PM

But, password2 is in a database?

Chaos · (This post was last modified: 08-13-2011, 05:07 PM by manbat116.)

You can put it in there if you want. But I just check it right when they load the page. Just store there hashed password in the database.

Dignity · 08-13-2011, 05:21 PM

I do not understand.

Code?

Chaos · 08-13-2011, 05:28 PM

Okay, I put the passowrd1 in the database (hashed of course) BUT

When they fill out a form:

[lua]
<html>

<form name="register action="register.php" method="post">
Username: <input type="text" name="username" maxlength="30" />
Password: <input type="password" name="password1" />
Password Again: <input type="password" name="password2" />
<input type ="submit" value="Register" />
</form>
</html>
[/lua]

As you can see I have 'Password' (password1) and 'Password Again' (password2) then, when they hit register, it sends username and password, and ID in the database. NOT password2. Password2 is checked when they register ONLY. Why would you need it it in the database. Just check it when they load the page.

noob007 · (This post was last modified: 08-13-2011, 05:37 PM by Voided.)

He's asking how to get a password from a SQL database.

Assuming you have a SQL database connection, use this query:

[lua]
$result = mysql_query("SELECT * FROM users WHERE username = '".mysql_real_escape_string($_POST['username'])."' AND password = '".hash('sha256',$_POST['password'])."'");

if (mysql_num_rows($result)) {
// success
} else {
// fail
}
[/lua]

Remember to hash your password. In the example I used sha256.

Dignity · 08-13-2011, 05:46 PM

I'ts not working

http://virtualscope.x10.mx/Account/cookie.php

Source:

Code:
<?php

include("../api.php");

@ $con=mysql_connect("*", "*", "*");

if (!$con)

{

sError(mysql_error());

}

$result = mysql_query("SELECT * FROM User WHERE Username = '".mysql_real_escape_string($_POST['user'])."' AND Password = '".hash('sha256',$_POST['psw'])."'");

if (mysql_num_rows($result)) {

setcookie("user", $_REQUEST['user']);

} else {

sError("Incorrect username/password");

}

?>

Login
Username:
Password:	Lost Password?
	Remember me