web_master Posted November 8, 2013 Share Posted November 8, 2013 Hi, I got a problem. I have an array, list of users (and passwords). But it is an Array and I must enter a names and passwords "manually". I want to change that array to query... Array is: $LOGIN_INFORMATION = array( 'zubrag' => 'password', 'test' => 'testpass', 'admin' => 'passwd'); so I want to chage it: $QueryReturn = mysql_query(' SELECT * FROM `users` WHERE ORDER BY `users_username` ASC '); if(!$QueryReturn){ echo mysql_error(); exit; } while($request = mysql_fetch_array($QueryReturn)) { /// } $request['users_username'] $request['users_password'] this two variables is what can change in array... So, I dont know how can I replase with Query the Array. Thanks in advanced T Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 8, 2013 Share Posted November 8, 2013 (edited) If you want to convert your array to the database you'll first need to add the username/passwords to the users table. You will also want to encrypt the users password too. // connect to database $LOGIN_INFORMATION = array( 'zubrag' => 'password', 'test' => 'testpass', 'admin' => 'passwd' ); // loop through the $LOGIN_INFORMATION array add each username/password to the users table foreach($LOGIN_INFORMATION as $username => $password) { $username = mysql_real_escape_string($username); // sanitize the username $password = md5($password); // encrypt users password. Never store passwords as plain text // insert into table mysql_query('INSERT INTO users (users_username, users_password) VALUES('$username', '$password'); } Once the users have been added to the database you can delete that code. For logging in the user. The code would be $username = mysql_real_escape_string($request['users_username']); // sanitize username $password = md5($request['users_password']); // encrypt users password. // query the database. Find record that matches the username and password hash $result = mysql_query("SELECT users_id, users_username FROM `users` WHERE users_username = '$username' AND users_password = '$password' LIMIT 1"); // check query executed if($result) { // check that the query returned any results if(mysql_num_rows($result)) { // username/password matched. // set cookie/session so user stays logged in. } else { // no rows return. Display login error message echo 'Sorry username/password invalid'; } } else { // something wrong. Query didn't execute probably due to an error echo 'Database error: ' . mysql_error(); } Edited November 8, 2013 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
web_master Posted November 8, 2013 Author Share Posted November 8, 2013 If you want to convert your array to the database you'll first need to add the username/passwords to the users table. You will also want to encrypt the users password too. // connect to database $LOGIN_INFORMATION = array( 'zubrag' => 'password', 'test' => 'testpass', 'admin' => 'passwd' ); // loop through the $LOGIN_INFORMATION array add each username/password to the users table foreach($LOGIN_INFORMATION as $username => $password) { $username = mysql_real_escape_string($username); // sanitize the username $password = md5($password); // encrypt users password. Never store passwords as plain text // insert into table mysql_query('INSERT INTO users (users_username, users_password) VALUES('$username', '$password'); } Once the users have been added to the database you can delete that code. For logging in the user. The code would be $username = mysql_real_escape_string($request['users_username']); // sanitize username $password = md5($request['users_password']); // encrypt users password. // query the database. Find record that matches the username and password hash $result = mysql_query("SELECT users_id, users_username FROM `users` WHERE users_username = '$username' AND users_password = '$password' LIMIT 1"); // check query executed if($result) { // check that the query returned any results if(mysql_num_rows($result)) { // username/password matched. // set cookie/session so user stays logged in. } else { // no rows return. Display login error message echo 'Sorry username/password invalid'; } } else { // something wrong. Query didn't execute probably due to an error echo 'Database error: ' . mysql_error(); } Thanks Ch0cu3r, very nice explaination! And its work fine. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.