On Mar 14, 2008, at 5:40 PM, TG wrote:

>
> Then it's the other query (with the ORDER BY) that you want to look
> at to fix
> the SQL error.
>
> Don't forget to use (assuming MySQL) mysql_real_escape_string() on all
> variables being used in the SQL query. That'll prevent a
> problem with
> single quotes or other bad characters showing up in your variables and
> breaking your SQL. Not to mention the security benefits.

All that's taken care of... The issue is though, that that query is
getting run even when the login wasn't successful... When you log in
with the proper username/password that query runs just fine...

>
>
> -TG
>
> ----- Original Message -----
> From: Jason Pruim <japruim@raoset.com>
> To: "TG" <tg-php@gryffyndevelopment.com>
> Cc: "PHP General List" <php-general@lists.php.net>
> Date: Fri, 14 Mar 2008 17:11:40 -0400
>
>>> Ok so the next thing to check is your query. Maybe echo it out so
>>> you can
>>> see what's actually attempting to execute.
>>
>> echo from my actual query
>> SELECT * FROM current WHERE loginName='japruim' AND
>> loginPassword='mybadpassword' LIMIT 0,1;
>>>
>>>
>>> I don't see an "ORDER BY" in the SQL listed below.
>>
>> The ORDER BY actually comes from a different query that should ONLY
>> be
>> done AFTER successful login... It's actually related to the sorting
>> of
>> the records that should be retrieved.
>
>