mysql query and checking if its successful

[Kaisuo]

[php:1:1d5cc4ec0c]<?php

checkuser($user,$pass) {

$conn = mysql_connect($conn_host, $conn_user, $conn_pass) or die(mysql_error());

$checked = mysql_query(\"SELECT * FROM katima_members WHERE username = \'$user\' AND password = \'$pass\'\");

if($checked) {

$checking == \"ok\";

} else {

$checking == \"error\";

}

mysql_close($conn)

return $checking;

}

?>[/php:1:1d5cc4ec0c]

 

Would this return \"ok\" if the user is in the database and the username and password are correct?

[Raichu]

No, I reccomend something like this:

 

<?php



mysql_connect("localhost", "user", "pass");

mysql_select_db(name of database);

$verify = mysql_query("SELECT COUNT(*) AS number FROM member WHERE user=\'{$HTTP_POST_VARS[\'user\']}\' AND pass=\'{$HTTP_POST_VARS[\'pass\']}\'");



$result = mysql_fetch_array($verify);



if( $result[\'number\'] < 1)

{

echo " Incorrect username or password";

exit();

}





?>

Log in complete! 

 

Just edit the user pass and database name also edit the values for the name in your form

[Kaisuo]

WOW thats chinese! very complicated!

[gizmola]

WOW thats chinese! very complicated!

 

Not really... and it is the best way to handle your problem My only quibble is that you should use $_POST rather than the $HTTP_POST...

 

 

Your code btw, is completely incorrect, because all you are checking is whether your query completed or not. It would almost certainly always be true (assuming you didn\'t have a syntax error in your statement).

[Kaisuo]

its just me, I\'m not too familar with:

COUNT(*) AS number

Is there any tutorial or references on mysql_query as in stuff like

SELECT

COUNT

FROM

WHERE

.... Stuff like that?

 

Could be really useful for me.