1

I am trying to create a logging in system for my website. this is what i have.

    include('MYSQL_connect_userdata.php');
    $query = "SELECT * FROM userinfo WHERE username = '$username' AND password = '$password' ";
    $result = mysql_query($query) or die("cant find table");
    $count2 = mysql_num_rows($result);
    $resultarray = mysql_fetch_array($result);
    echo "SELECT * FROM userinfo WHERE username = '$username' AND password = '$password' ";

MYSQL_connect_userdata.php connects to the mysql server and selects the database.

When I paste the output of the echo "SELECT * FROM userinfo WHERE username = '$username' AND password = '$password' ";

phpmyadmin returns the row that i am looking for. (contains a username and password")

for some reason mysql_num_rows($result) is returning 0 even when the inputs are the correct values. the inputs are taken using $_POST like this at the top of the php file

$username = $_POST['username'];
$password = $_POST['password'];

If I change the query to exclude the "AND password = '$password' "; part then the page works as intended and mysql_num_rows returns 1.

any ideas whats going on? im rlly new to php so extra explaination would be appreciated. Thanks.

Improve this question
2
  • Your application is a call for SQL injection Commented Dec 7, 2012 at 2:14
  • Echo the query to see what it looks like in the script Commented Dec 7, 2012 at 2:15

1 Answer 1

Reset to default
1 
$con = mysql_connect("localhost", "peter", "abc123");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

$db_selected = mysql_select_db("test_db",$con);

$sql = "SELECT * FROM person";


//Your missing the connection , store in a variable
$result = mysql_query($sql,$con);

echo mysql_num_rows($result);

mysql_close($con);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.