Login with PHP and SQL


#1

Hey there,

so I have set up a database and established a connection. Up until here I know everything.
The issue is:
I can’t seem to figure out how I can for example if somebody types in a password and a username how to check if these two were given together.
like in a row: User:John Pswd:Smith
If somebody types in U:John and then Pswd:Smith that it is validated as right but
U:John Pswd:John as wrong.

Can someone please help me? How to update certain info on like a profile page to select the right person would be nice too.

Thanks,
ColeBrookstone


#2

All you need to achieve this is WHERE and AND:

// terrible query, but just to give you an idea
// DON'T USE THIS, its not secure (SQL injection)
"SELECT * FROM table WHERE User = ".$username." AND Pswd = ".$password

the WHERE clause can also be used for profile pages

now, i haven’t used PHP in ages, you will have to check how to make the code i provided secure.

just look into what WHERE and AND do, that should help you further :slight_smile:


#3

Thank you! I think now I kinda know how to start.


#4

just make sure you use better security then i did in the code sample


#5

Yeah I will. Just one question: What is that .$username for?
is it just as an example if my variable was named $username and is the dot necessary?


#6

yep

yes, its string concatenation:

http://php.net/manual/en/language.operators.string.php

but then again, don’t use this code. Just focus on WHERE and AND, and find the most recent PHP documentation to do it right


#7

Okay thank you. I am trying to make a login now. But thanks again.