• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 255
  • Last Modified:

simplest way

My code looks for all emails to see if $email is already in the database (that is right, because more than one user CAN NOT have the same email).

My code looks for all passwords to see if $password is already in the database (that is wrong, because more than one user CAN have the same password).


$password=mysql_real_escape_string($_POST['password']);

$select="SELECT * FROM area WHERE password LIKE '$password' LIMIT 1";

$password_select=mysql_query($select);


if(mysql_num_rows($password_select))
 {
  echo "The password is correct!";
 }
else
 {
  $error.=4;

  echo "The password is incorrect!";
 };


What is the simplest way to solve this problem?
0
locke2005
Asked:
locke2005
1 Solution
 
trickyidiotCommented:
This code is only checking to see if the password exists in the table.

It looks like code from a login script... Can you post your full code and explain your problem in a little more detail?
0
 
DrNikon224Commented:
Is this code for logging a user in? Try this:

<?
$email=mysql_real_escape_string($_POST['email');
$password=mysql_real_escape_string($_POST['password']);
$select="SELECT * FROM area WHERE email = '$email' AND password = '$password'";

$password_select=mysql_query($select);


if(mysql_num_rows($password_select) == 1)
 {
  echo "The password is correct!";
 }
else
 {
  $error.=4;

  echo "The password is incorrect!";
 };
?>

This checks the password, for the supplied email address, and if exactly one row was returned, the password and email address provided are correct.
0
 
locke2005Author Commented:
Thank you, DrNikkon! You renewed my hope of working with MySQL!!!
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now