cluce Posted May 2, 2007 Share Posted May 2, 2007 here is the code I am using but it will not echo their name. Does anybody have any suggestions on how to do this correctly? <?php $sql = "SELECT f_name, l_name FROM auth_users WHERE username = '".$_POST["username"]."' AND password = PASSWORD('".$_POST["password"]."')"; ?> <?php echo "Welcome", $sql; ?> Link to comment https://forums.phpfreaks.com/topic/49655-trying-to-greet-the-user-by-first-name-and-lastname-when-they-log-in/ Share on other sites More sharing options...
monk.e.boy Posted May 2, 2007 Share Posted May 2, 2007 Please read this for your site safety: http://en.wikipedia.org/wiki/Sql_injection Are you passing this SQL string to the database and looking at the results? <?php $sql = "SELECT f_name, l_name FROM auth_users WHERE username = '".$_POST["username"]."' AND password = PASSWORD('".$_POST["password"]."')"; $query = mysql_query( $sql, $connection ); if( $row = mysql_fetch_array( $query ) ) { echo 'Welcome '. $row['f_name'] .' '. $row['l_name']; } ?> monk.e.boy Link to comment https://forums.phpfreaks.com/topic/49655-trying-to-greet-the-user-by-first-name-and-lastname-when-they-log-in/#findComment-243448 Share on other sites More sharing options...
trq Posted May 2, 2007 Share Posted May 2, 2007 You really ought to do some tutorials on fetching data from a database. Your code does nothing but sets a string to a variable. <?php <?php $sql = "SELECT f_name, l_name FROM auth_users WHERE username = '{$_POST["username"]}' AND password = '{$_POST["password"]}'"; if ($result = mysql_query($sql)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); echo "Welcome {$row['f_name']} {$row['l_name']}<br />"; } else { echo "No user found"; } } else { echo "Query failed<br />$sql<br />" . mysql_error(); } ?> PS: I removed the use of the PASSWORD function form your query as it should NOT be used to store passwords. It is an internal mysql function, not intended for use. Link to comment https://forums.phpfreaks.com/topic/49655-trying-to-greet-the-user-by-first-name-and-lastname-when-they-log-in/#findComment-243450 Share on other sites More sharing options...
cluce Posted May 2, 2007 Author Share Posted May 2, 2007 Thanks. I plan on getting a book. Link to comment https://forums.phpfreaks.com/topic/49655-trying-to-greet-the-user-by-first-name-and-lastname-when-they-log-in/#findComment-243460 Share on other sites More sharing options...
trq Posted May 2, 2007 Share Posted May 2, 2007 Theres a free online book in my signiture. Link to comment https://forums.phpfreaks.com/topic/49655-trying-to-greet-the-user-by-first-name-and-lastname-when-they-log-in/#findComment-243470 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.