[SOLVED] Combining two conditions?

[merylvingien]

Hi fellas, a bit stuck with this simple check.

I have a page where users can log in, but i want to be sure that it is properly protected, so i think i am overdosing on security, anyway i am trying two checks for proper email and password, first against the database and second in the page coding.

Why you might ask, i dont know LOL

Anyway i am stuck here.

I havent tried to combine two conditions together before, so i am not sure if this is correct also i am pulling a hashed password from the database, so i am not sure if i am coding that part correctly in this situation:

if ($email = "$row[email]") && ($password = "$row[md5'password']")
{ continue as normal

How should this statment be coded, i have tried it this way, that way and upside down.

[mikesta707]

if you want to check equality use the comparison operator (==) or identical operator (===) not the assignment operator(=) what that is doing is setting $email to $row['email']

 

if ($email == $row['email']) && ($password == $row['md5password'])
{ continue as normal

 

also surround associative array keys with single quotes

[merylvingien]

Thanks for the reply i better check some other code in that case LOL, but that still gives me : Parse error: syntax error, unexpected T_BOOLEAN_AND

[mikesta707]

oh my bad. your parenthesis are all wrong

if ($email == $row['email'] && $password == $row['md5password'])
{ continue as normal

[FaT3oYCG]

You also need to use the MD5(); function on the password that the user has entered otherwise it will not compare to the already MD5 hashed password in the database.

[merylvingien]

You think my parenthesis is bad, you should have seen my school reports LOL

 

 

FaT3oYCG i was just about to mention the fact that i cannot log in anymore LOL

 

if ($email == $row['email'] && $password == $row[md5('password']))

  is that correct?

I will try it, but as i am here writing and may benifit other readers at some point 

 

Edit: nope LOL

[mikesta707]

oh, well you are doing that completely wrong.

 

assuming that the password is already md5'ed in the database

if ($email == $row['email'] && md5($password) == $row['password'])

 

what you did there didn't really even make any sense. you were trying to md5 the string 'password' followed by a square bracket, and use that md5'ed string as the key in the $row array.

[merylvingien]

Thanks, that works a treat! Its ok, i am shaking my head at myself too LOL

 

Still, at least i have learnt something new today.

 

Cheers guys