PHWinfo - Afficher un message

10/07/2007, 06h34

cover wrote:

> So as I look at this again, perhaps the user logs in their first name
> and in the table password_tbl a password exists that corresponds with
> their first name. So is that:
>
> $query="SELECT * FROM $table WHERE
> firstname_column='{$_POST['firstname']}'" AND;
> password_column='{$_POST['password']}'";
> $res=mysql_query($query);
> if(!mysql_num_rows($res)) {
> echo "sorry, the wrong password";
> exit;
> }
> echo "Wow, you know the password";

Yes, in the case you want that the user will be using both a login name and
password, if you only want a password, you have to see that the password is
unique, otherwise the users can be mixed up (while using login+pass the
likelihood is a lot less that you have two persons with the same login and
password, of course you should see to have only one user for each
username/login you use).

--

//Aho

10/07/2007, 06h34	#4
J.O. Aho Messages: n/a Hébergeur:	Re: Passwording a PHP page cover wrote: > So as I look at this again, perhaps the user logs in their first name > and in the table password_tbl a password exists that corresponds with > their first name. So is that: > > $query="SELECT * FROM $table WHERE > firstname_column='{$_POST['firstname']}'" AND; > password_column='{$_POST['password']}'"; > $res=mysql_query($query); > if(!mysql_num_rows($res)) { > echo "sorry, the wrong password"; > exit; > } > echo "Wow, you know the password"; Yes, in the case you want that the user will be using both a login name and password, if you only want a password, you have to see that the password is unique, otherwise the users can be mixed up (while using login+pass the likelihood is a lot less that you have two persons with the same login and password, of course you should see to have only one user for each username/login you use). -- //Aho