php - SQL code for checking user log in data -

-

I want to type a code to login the user's username and password to log in, but only every time Successfully logs in to run it: 

  & lt; PHP $ Conn = mysql_connect ('localhost', 'root'); If (! $ Conn) died ("Could not connect". Mysql.error ()); Mysql_select_db ('swimsafe'); If (isset ($ _ post ['chkdbforpass'])); {$ Email = $ _ POST ['chkdbforemail']; $ Pass = $ _ post ['chkdbforpass']; $ Sql ​​= 'Select * From user where email address = "$ email" and password = "$ pass";; $ Result = mysql_query ($ sql, $ conn); If (! $ Result) died ("Could not query". Mysql_error ()); Echo ("successfully logged in!"); Setcookie ('username', $ email); } Mysql_close (); ? & Gt;

Is it enough or do you have more information?

mysql _ * is excluded please PDO Or use MySQLi .

An OAP to check logins using mysqli (this also takes care of the prevention of SQL injection) The method is: 

  & lt ;? Php // connect $ mysqli = new mysqli ("localhost", "my_user", "my_password", "my_database"); If (mysqli_connect_errno ()) {printf ("Connect failed:% s \ n", mysqli_connect_error ()); Go out(); } // Prepare a prepared statement ($ stmt = $ mysqli- & gt; Create ("Choose COUNT (*) as the user name as the user where email address =? And password =?") {/ / Bind Ultimate - SQL Injection Troubleshoot $ '_POST [' chkdbforemail ']:' ', isset ($ _ POST [' chkdbforpass']) $$ _POST ['chkdbforpass']  carry about (); // result result row $ result = $ stmt-> Get_result (); $ Line = $ result- & gt; Fetch_assoc (); // check login if login ("$ sign ['userExists']) & amp; amp; and (int) $ line ['userExists'] & gt; = 1) {// login login" Echo; } Else {// login error "email address and / or password is incorrect."; } // Close statement $ stmt-> Close (); } // Close connection $ mysqli- & gt; Close (); ? & Gt;

Comments

Post a Comment

Popular posts from this blog

import - Python ImportError: No module named wmi -

-
I followed the instructions for downloading WMI for Python When I try to run the code for C.Win32_Service (StartMode = "Auto", state = "Stopped") import wmi c = wmi.WMI (): if Raw_input ("restart% s?"% S.Caption) .upper () == "Y": s.StartService () I got the error < Code> traceback (most recent call end): file ". \", Line 1, edit: I am using Python 2.7.6 EDIT2: I am running 64-bit Windows 2008 R2, and I've downloaded WMI-1.4.9.zip (md5). I removed the content and put it in D: Python \ Tools \ Scripts I executed dragon setup.py.install I said D : \ Python \ tools \ scripts to% PATH% and when I execute the code for C.Win32_Service (StartMode = "Auto", state = "Stopped") import wmi c = Wmi.WMI (): If raw_input ("Restart% s?"% S. Caption). () == "Y": s.StartService () error me Gets traceback (most recent call final): File ". See \", line 1, &
Read more

Editing Python Class in Shell and SQLAlchemy -

-
I am working on the terminal on a shell script after this tutorial SQLAlchemy tutorial. I need to type gt; & Gt; & Gt; Sqlalchemy import column, integer, string & gt; & Gt; & Gt; Class user (base): __tablename__ = 'users' id = column (integer, primary_key = true) name = column (string) absolute name = column (string) password = column (string) def __repr __ (self): return "& lt ; User (name = '% s', absolute name = '% s', password = '% s') & gt; "% (Self.name, self.fullname, self.password) After the problem I have typed the password = column (string) I hit twice and changed .... >> I then took everything back but then an error was thrown because the class already exists ... I am not completely sure how to fix it. How do I open that slip in the shell script and edit it (Add DF to DRR) The error thrown below: / user / giripeters / TFSQLLX / Lib / python2.7 / site-packages / sqlalchemy / ext / decla
Read more

c# - MySQL Parameterized Select Query joining tables issue -

-
I am using parameterized select questions in conjunction with my program and it works entirely, When I try to join the table Everything I have done is a small fraction: using (MySqlCommand cmd = new MySqlCommand (paramQuery) ToSql (), Connection)) /etc/ paramQuery.ToSql () Equal: "Select TableOne ID, Tableon, Department, Tablet. One by name table, Table 2 h Yes TableOnEID = @Pharmak "* / for (Int Index = 0; Index and Lt; ParamariX Parameter (.c calculation; Index ++) Cmd.Parameters.AddWithValue (paramQuery.Parameters (). ElementAt (index). , ParamQuery.Parameters (). ElementAt (index) .Value); / * ParamQuery.Parameters (). ElementAt (index) .k = "@most 0" paramQuery.Parameters (). ElementAt (index) .Value = "tableTwo.ID" * / MySqlDataReader Reader = cmd.ExecuteReader (); While (reader.Read ()) {// do stuff} } One of the tables I attempt to join is For the table, two with the same id for all. Is there something that I'm doing wrong?
Read more