Aureole Posted March 26, 2008 Share Posted March 26, 2008 Ok, basically, I taught myself PHP by reading tutorials and taking apart other people's code, not sure if other people have done the same, but anyway... No doubt, a lot of the code I used to taught myself was old and/or outdated. When I'm approaching login, this is basically what I do. <?php $ln = md5( $_POST['login_name'] ); $pa = md5( $_POST['password'] ); $query = "SELECT * FROM `members` WHERE `login_name` = '{$ln}' AND `password` = '{$pa}'"; $result = mysql_query( $query ); if( $result ) { echo( 'Login successful.' ); } else { echo( 'Login unsuccessful.' ); } ?> Now that's all fine and dandy and it has always worked for me, but now I've started to use classes and functions it doesn't work out. <?php $ln = md5( $_POST['login_name'] ); $pa = md5( $_POST['password'] ); $db->select( '*', 'members', array( 'mem_lname' => $ln, 'mem_pass' => $pa ) ); $db->exec_query(); /* $exec_query performs mysql_query() on the query created with $db->select and returns it within $db->result Now the problem is, the following statement always evaluates to true */ if( $db->result ) { echo( 'Login successful.' ); } else { echo( 'Login unsuccessful.' ); } /* If I get rid of the above statement and do this: $db->fetch_assoc(); var_dump( $db->assoc ); ...it works as expected, so my query is well formed and is being executed echo( $db->result ); would produce a resource id, unless of course I enter incorrect details and $db->assoc contains all the data from the database, again, unless I enter incorrect details. */ ?> So what should I do to check if the login was successful, now that if( $db->result) doesn't work? Link to comment https://forums.phpfreaks.com/topic/97972-right-way-to-go-about-logging-in/ Share on other sites More sharing options...
trq Posted March 26, 2008 Share Posted March 26, 2008 This approuch is floored. <?php $ln = md5( $_POST['login_name'] ); $pa = md5( $_POST['password'] ); $query = "SELECT * FROM `members` WHERE `login_name` = '{$ln}' AND `password` = '{$pa}'"; $result = mysql_query( $query ); if( $result ) { echo( 'Login successful.' ); } else { echo( 'Login unsuccessful.' ); } ?> mysql_query returns true if your query is successfull, not if it finds results. There is a difference. You would need to use... <?php $ln = md5( $_POST['login_name'] ); $pa = md5( $_POST['password'] ); $query = "SELECT * FROM `members` WHERE `login_name` = '{$ln}' AND `password` = '{$pa}'"; if ($result = mysql_query( $query )) { if(mysql_num_rows($result)) { echo( 'Login successful.' ); } else { echo( 'Login unsuccessful.' ); } } ?> Other than that, theres not much we can help you with. Simply stating something doesn't work gives us nothing. We need to see the relevent code. Link to comment https://forums.phpfreaks.com/topic/97972-right-way-to-go-about-logging-in/#findComment-501292 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.