Jump to content

PHP select from database and compare result Problem


Go to solution Solved by alpine,

Recommended Posts

My Boss Good day and Good day evry1 in here happy Sunday. i have a php script dat is suposse to register users into a database. bt 1st i want it to chk d user password with a pin code in the data base and the user password and if my db pin match den we add the user details to the database else we echo an error bt i dnt seem to b getting it. please help me dis d php script:

 $connect=mysql_connect("$host","$user","$password")
  or die("Bross why na, change the localhost to example site.com without www. ");
  $select=mysql_select_db("$db_name")
  or die("dagogo change the db");
  
  //collection data from registration form and processing encrypting it
  $first_name=($_POST["First_Name"]);//user 1st name
  $last_name=($_POST["Last_Name"]);//user last name
 $username=($_POST["UserName"]);//user special User name
 $phone=($_POST["Phone"]);//user phone number
 $email=($_POST["email"]);//user email address
 $password=($_POST["password"]);//user password
 
     //checking the pin with pin in the database
 
 $query=mysql_query("SELECT * FROM pin_code WHERE pin='$password'");
 $numrows=mysql_num_rows($query);
 if($numrows!=0)
 {
 while($row =mysql_fetch_assoc($query))
 {
 
 $dbpassword=$row['pin'];
 
 }
 if($password==$dbpassword)
 {
 
 
 //inserting the form details into the database.
 mysql_query("INSERT INTO users(first_name,last_name,username,phone,email,password)VALUES('$first_name','$last_name','$username','$phone','$email','$password')")or die ("Registration failed");
 }
}
 else
 {
 echo"dagogo";
 }
 

its echos d error dagogo even wen i put in the right pin please help

 

PARAMETERS $row['pin']  is d field in d database table ie pin

Edited by IlaminiAyebatonyeDagogo

Sorry, please post in full English not text speak.

 

 

yes it is dey are suppose 2 pay 4 pin code and use as dere password wen registring

I don't understand that.

 

please give examples.

Edited by Ch0cu3r

ohh am sorry you ask if:

 

Is the pin code the same as the users password?

I answered Yes.

Reason been that they will buy the pin code from web master and use then use it as their password when registering on the site and the pin code will be inserted into the database. so when the user buy a database inserted pincode he use it as it password and then register with it. so he will be allowed bcos d pin code is in the database

You're getting the dagogo message because the following query is not returning any results where the pin matches the entered pass code ($password).

 $query=mysql_query("SELECT * FROM pin_code WHERE pin='$password'");

How are you storing the pin codes in the pin_code table? Can you provide an example of what your pin codes look like.

You're getting the dagogo message because the following query is not returning any results where the pin matches the entered pass code ($password).

 $query=mysql_query("SELECT * FROM pin_code WHERE pin='$password'");

How are you storing the pin codes in the pin_code table? Can you provide an example of what your pin codes look like.

pin is name of field in the pin_code and then add a dumie data say 1234dagogo now wen am registring i would use 1234dagogo as d password and on my database pin_code is the table which u know and pin is the name of the field

You are overcomplicating things, something like this

 <?php

$query = mysql_query("SELECT * FROM pin_code WHERE pin = '".htmlspecialchars($password, ENT_QUOTES)."'");

 if(mysql_num_rows($query) == '1'){
   // Pin found - create user with kung-fu query
 }
 else{
   echo 'Pin not found';
 }

?>
  • Solution

You need to debug your submitted formdata as you encounter problems,

and make sure the pin actually exists in database AND that it isnt encrypted in any way.

If its stored encrypted, you need to encrypt the posted password in order to match them!

Also, this example looks for ONE record of that exact pin code, if its stored several pins with the same value in db, this query will fail !!

 <?php

$query = mysql_query("SELECT * FROM pin_code WHERE pin = '".htmlspecialchars($password, ENT_QUOTES)."'");

 if(mysql_num_rows($query) == '1'){
   // Pin found - create user with kung-fu query
 }
 else{
   echo '<p>Pin not found</p>';
   echo '<p>Posted Pin: '.$password.'</p>; // <--- is this displayed value the exact value stored in db ????
 }

?>
Edited by alpine
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.