Lorddraco98
Sun 29th Sep '02, 1:58pm
Okey, need some help hehe.
I'm kinda new to SQL and am just learning PHP/MySQL.
first off, on this query
$query = "insert into user values ('".null."', '".$loginname."', '".$loginpassword."', '".$emailaddress."')";
that code works, now why do I need the periods before and after the variable names, and why do I need all those single and double quotes?? I'm having a hard time following this.
My DB is set up this way:
Database
table: user
columns in the user table: userid, username, password, email
the userid colum is an auto-incrament and its the primary key, the rest are all text
I'm just trying to create right now a series of pages where you can: register a user name, pass, and e-mail address, insert that info to the DB. Then make a login page, that asks for user name and pass, and then checks the name and pass against that stored in the DB.
WIth the query listed above, I can successfully add users, just not encrypted passwords yet hehe. Problem comes when i want to check the user name/password that was typed in against the DB.
I'm using this code:
$query = "select username FROM user where username is '.loginname.'";
$result= mysql_query($query)
or die("Couldn't execute query");
$num1= mysql_num_rows($result);
if ($num >1)
{
$query ="SELECT password FROM user WHERE username='.$loginname.' AND password='.$loginpassword.'";
$result2 = mysql_query($query)
or die("Couldn't connect ot MySQL server");
$num2 =mysql_num_rows($result2);
if ($num2 >0)
{
$auth="yes";
}
else
{
echo "login not accepted";
}
}
the variables loginname and loginpassword and from forms listed on the previous page. Right now, i run this and get my error message that "query couldn't be executed"
Can anyone help me here so I can get user/password checking against the DB working and also explain the stuff in my first question? Thanks!
I'm kinda new to SQL and am just learning PHP/MySQL.
first off, on this query
$query = "insert into user values ('".null."', '".$loginname."', '".$loginpassword."', '".$emailaddress."')";
that code works, now why do I need the periods before and after the variable names, and why do I need all those single and double quotes?? I'm having a hard time following this.
My DB is set up this way:
Database
table: user
columns in the user table: userid, username, password, email
the userid colum is an auto-incrament and its the primary key, the rest are all text
I'm just trying to create right now a series of pages where you can: register a user name, pass, and e-mail address, insert that info to the DB. Then make a login page, that asks for user name and pass, and then checks the name and pass against that stored in the DB.
WIth the query listed above, I can successfully add users, just not encrypted passwords yet hehe. Problem comes when i want to check the user name/password that was typed in against the DB.
I'm using this code:
$query = "select username FROM user where username is '.loginname.'";
$result= mysql_query($query)
or die("Couldn't execute query");
$num1= mysql_num_rows($result);
if ($num >1)
{
$query ="SELECT password FROM user WHERE username='.$loginname.' AND password='.$loginpassword.'";
$result2 = mysql_query($query)
or die("Couldn't connect ot MySQL server");
$num2 =mysql_num_rows($result2);
if ($num2 >0)
{
$auth="yes";
}
else
{
echo "login not accepted";
}
}
the variables loginname and loginpassword and from forms listed on the previous page. Right now, i run this and get my error message that "query couldn't be executed"
Can anyone help me here so I can get user/password checking against the DB working and also explain the stuff in my first question? Thanks!