I need help with this mysql


#1

Hello,

so i need some help with my code

<?php

include('db.php');

$action = $_GET['action'];

$username = $con->real_escape_string($_GET['username']);
$password = $con->real_escape_string(md5($_GET['password']));

if(!$action)
{
	echo "Please enter an action.";
}
else
{	
	if($action == "register")
	{
		if($query = $con->query("INSERT INTO users (username,password) VALUES ('$username','$password')"))
			
		{
			echo "1";
		}
		else
		{
			echo "0";
		}
	}
	else if($action == "login")
	{
		$query = $con->query("SELECT * FROM users WHERE username = '$username' and password = '$password'");
		$cnt = $query->num_rows;
		
		if($cnt > 0)
		{
			echo "1";
		}
		else
		{
			echo "0";
		}
	}
	else
	{
		echo "Invalid action.";
	}
}

?>

I need the code where i can have the user input a email. / can someone setup a ID system

i need the error code 3 to be password to short ( min 4charctors)
same with username but with error code 4 (min 4Charctors)

and error code 2 to be username/password allreday registerd

Please can u guys help:?


#2

Can I just say, do NOT use md5() for security. It's like leaving a door unlocked.
It's an easy access-point for brute-force attacks. Just a point for the future :slight_smile:


#3

how do i not use md5?


#4

You use something else for encryption, such as the PHP hashing system that's built-in.

And to answer the original question, I wouldn't use Codecademy for recruitment. This is a platform for helping people and solving their problems.


#5

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.