Imtehbegginer Posted December 16, 2006 Share Posted December 16, 2006 My code:[code]<?php// LOGINinclude 'includes/connect.php';$query_select_login = mysql_query("SELECT username FROM accounts WHERE username = '".$_POST['username']."'");$query_rows = mysql_num_rows($query_select_login);// Check for the username above.// Now we check the rowsif($query_rows = 0) {die("There is no such username in the database.");} else {echo "";}$query_select_pass = mysql_query("SELECT password FROM accounts WHERE password = '".$_POST['password']."'");// THIS IS WHERE PHPFREAKS HELPS ME.[/code]How can I make the password select from the row of that username? Quote Link to comment Share on other sites More sharing options...
trq Posted December 16, 2006 Share Posted December 16, 2006 The question is why are you trying to do this in two queries? Try...[code=php:0]"SELECT username FROM accounts WHERE username = '{$_POST['username']}' && password = '{$_POST['password']}'"[/code]This gets it all done in one query. However, be aware that using the $_POST[] variables directly in your query like that opens your database to sql injections. You'll should clean and validate the data first. Quote Link to comment Share on other sites More sharing options...
emehrkay Posted December 16, 2006 Share Posted December 16, 2006 first off, never take user inputted data straight to the database the way you are doing. at least clean it up before you post it in your query.but to answer yoru question all you have to do is add AND username = '". $username . "' to your second query. //where $username = $_POST['username'] <--do some clean up at this point Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.