PHWinfo - Afficher un message

14/03/2008, 19h00

On Mar 14, 2008, at 12:51 PM, TG wrote:

>
> I think the first thing I'd check is why you'd have more than one
> row being
> returned. Is this a problem with some other part of the system?
> Bad data
> import? Not checking for unique users when creating them?
> Something
> like that.

The username's will be unique... Still need to make that change to the
DB but they will be.

The main reason I'm doing it this way, is if I don't put in some kind
of a check on the authentication then it pops up a mysql error saying
that there is a problem with my syntax... instead of NOT logging them
in... So I thought if I checked to make sure that the query only
returned 1 row, it would match up and I could do some error checking
based on that...

>
>
> If you do everything you can to prevent the possibility of multiple
> users,
> then you can still check for multiple results if you want, maybe
> send an
> email to yourself, but for the sake of not frustrating your users,
> just
> take the first result and compare the login to that. The worst
> that'll
> happen is they won't match and the user won't get logged in. Best
> case is
> they get logged in and you won't get an annoyed user calling you.

>
>
> -TG
>
> ----- Original Message -----
> From: Jason Pruim <japruim@raoset.com>
> To: PHP General List <php-general@lists.php.net>
> Date: Fri, 14 Mar 2008 12:12:56 -0400
> Subject: [php] Is this the best way?
>
>> Hi everyone,
>>
>> I am attempting to add a little error checking for a very simple
>> login
>> system. The info is stored in a MySQL database, and I am using mysqli
>> to connect to it. I have it working with the solution provided below,
>> but I am wondering if this is the right way to do it or if there is a
>> better way?
>>
>> My thinking with this is if more then 1 record is returned from the
>> database, then there is a issue... If only is returned then the
>> username/password matched and I can safely show them the info...
>>
>> $rowcnt = mysqli_num_rows($loginResult);
>> if($rowcnt !="1"){
>> echo "Auth failed";
>> die("Auth failed... Sorry");
>>
>>
>>
>> }else{
>> while($row1 = mysqli_fetch_array($loginResult)) {
>> $_SESSION['user'] = $row1['loginName'];
>> $_SESSION['loggedin'] = "YES";
>> $table = $row1['tableName'];
>> $adminLevel = $row1['adminLevel'];
>> $authenticated = "TRUE";
>> echo "<BR>authentication complete";
>> }
>> return Array($table, $authenticated, $adminLevel);
>
>

--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
japruim@raoset.com

14/03/2008, 19h00	#2
Jason Pruim Messages: n/a Hébergeur:	Re: [PHP] Is this the best way? On Mar 14, 2008, at 12:51 PM, TG wrote: > > I think the first thing I'd check is why you'd have more than one > row being > returned. Is this a problem with some other part of the system? > Bad data > import? Not checking for unique users when creating them? > Something > like that. The username's will be unique... Still need to make that change to the DB but they will be. The main reason I'm doing it this way, is if I don't put in some kind of a check on the authentication then it pops up a mysql error saying that there is a problem with my syntax... instead of NOT logging them in... So I thought if I checked to make sure that the query only returned 1 row, it would match up and I could do some error checking based on that... > > > If you do everything you can to prevent the possibility of multiple > users, > then you can still check for multiple results if you want, maybe > send an > email to yourself, but for the sake of not frustrating your users, > just > take the first result and compare the login to that. The worst > that'll > happen is they won't match and the user won't get logged in. Best > case is > they get logged in and you won't get an annoyed user calling you. > > > -TG > > ----- Original Message ----- > From: Jason Pruim <japruim@raoset.com> > To: PHP General List <php-general@lists.php.net> > Date: Fri, 14 Mar 2008 12:12:56 -0400 > Subject: [php] Is this the best way? > >> Hi everyone, >> >> I am attempting to add a little error checking for a very simple >> login >> system. The info is stored in a MySQL database, and I am using mysqli >> to connect to it. I have it working with the solution provided below, >> but I am wondering if this is the right way to do it or if there is a >> better way? >> >> My thinking with this is if more then 1 record is returned from the >> database, then there is a issue... If only is returned then the >> username/password matched and I can safely show them the info... >> >> $rowcnt = mysqli_num_rows($loginResult); >> if($rowcnt !="1"){ >> echo "Auth failed"; >> die("Auth failed... Sorry"); >> >> >> >> }else{ >> while($row1 = mysqli_fetch_array($loginResult)) { >> $_SESSION['user'] = $row1['loginName']; >> $_SESSION['loggedin'] = "YES"; >> $table = $row1['tableName']; >> $adminLevel = $row1['adminLevel']; >> $authenticated = "TRUE"; >> echo "<BR>authentication complete"; >> } >> return Array($table, $authenticated, $adminLevel); > > -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424-9337 www.raoset.com japruim@raoset.com