Jump to content

Archived

This topic is now archived and is closed to further replies.

romio

Login Page, Code Advice

Recommended Posts


This is my code which I use for my Login page, I would appreciate if anyone could tell me if its good enough, if not, then how can I improve it.
[code]
if ((isset($_POST['username'])) && (isset($_POST['username'])))
{
  $loginUsername = mysql_escape_string($_POST['username']);
  $password = mysql_escape_string(md5($_POST['password']));

  $checkaccess = "SELECT username,password FROM login WHERE username = '$loginUsername' AND password = '$password'";
  $Login = mysql_query($checkaccess) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($Login);
if ($loginFoundUser){
setcookie('Logged', 'True', time()+60*60);
header('Location: index.php');
exit;
}else{
  $errorMessage = true;
}
}
[/code]

Share this post


Link to post
Share on other sites
[code]  $loginFoundUser = mysql_num_rows($Login);
if ($loginFoundUser){
setcookie('Logged', 'True', time()+60*60);
header('Location: index.php');
exit;
}else{
  $errorMessage = true;
}[/code]

[quote=php.net/mysql_num_rows]
mysql_num_rows return the number of rows in a result set on success, or FALSE on failure.
[/quote]

$loginFoundUser will only be false if the SQL statement has an error in it..
you'll have change you if statement to

[code]if ($loginFoundUser == 1{[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.