Jump to content

Having problems reading table entries. What am I doing wrong?


sardonicgem

Recommended Posts

Hello folks,

 

I am a complete newbie and I have created a simple login page that correlates to the following DB table named users

 

  Column  | Type | Modifiers

  ----------+------+-----------

  username | text |

  password | text |

 

which contains the following:

 

username |  password

----------+--------------

testname | testpassword

(1 row)

 

 

This is my script logic:

 

        $sql = "SELECT username, password FROM users WHERE username = $usr AND password = $pass";

$result = pg_exec($handle, $sql);

if ($result)

{

$data = pg_fetch_row($result);

echo "data: $data[0], $data[1]<br>\n";

dbdiscon($handle);

return true;

}

else

{

dbdiscon($handle);

echo "not found";

return false;

}

 

 

The variables get set to $usr = "testname" and $pass = "testpassword" when entered into the login form.

 

This is the error I get:

 

connection to database established ...

 

Warning: pg_exec() [function.pg-exec]: Query failed: ERROR: column "testname" does not exist LINE 1: ...CT username, password FROM users WHERE username = testname A... ^ in

 

 

Link to comment
Share on other sites

Try like this:

 

$sql = "SELECT username, password FROM users WHERE username = '$usr' AND password = '$pass'";

 

You should also use pg_escape_string() on $usr and $pass first, otherwise people may be able to insert their own sql commands into the username or password.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.