aznjay Posted November 23, 2006 Share Posted November 23, 2006 [code]$blah2 = $_POST['user'];$blah = $_POST['pass']; $something=date("F j, Y");$result = mysql_query("SELECT * FROM users WHERE username = '" . $blah2 . "' AND password = '" . $blah . "'"); $co = 0;while($r = mysql_fetch_array($result)) { $co ++; $item_name = $r["item_name"]; $item_id = $r["item_id"];} if($co != 0){print "error you dumbass, wrong password and or username!";} else{echo "$item_name";}[/code]Okay what I'm trying to do is to check if there is user in the database but it seem to be not work...so yeah can anyone make me a new script or fix this one? Quote Link to comment Share on other sites More sharing options...
btherl Posted November 23, 2006 Share Posted November 23, 2006 [code=php:0]$user = $_POST['user'];$pass = $_POST['pass']; $something=date("F j, Y");$user = mysql_real_escape_string(urldecode($user));$pass = mysql_real_escape_string(urldecode($pass));$result = mysql_query("SELECT * FROM users WHERE username = '" . $user . "' AND password = '" . $pass . "'") or die(mysql_error()); $co = 0;while($r = mysql_fetch_array($result)){ $co ++; $db_user = $r['username']; $db_pass = $r['password'];} if($co != 0){print "error you dumbass, wrong password and or username!";} else{echo "$db_user password correct";}[/code]Hope that helps :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.