0

I am new to php.

I am doing login for user, then I would like to compare the username and password of the person when he/she login to every rows in my database table.

For this case, assume user= michael, pssword =1234

I got this:

    $username= "michael";
    $password= "1234";

include("includes/connect.php"); 
$mobile_user = "select * from mobileuser" ;
$query = mysqli_query ($conn, $mobile_user);

while($results = mysqli_fetch_array ($query)){
      $user_name = $results['mobile_user_name'];
      $pass = $results['mobile_user_pass'];

   }

However, this only compare to the last row of data in my database table.

For example, if username=michael n password=1234 is located in the last row of my database table, then login success, if it does not located at the last row, login failed.

Anyone can help?

Improve this question

3 Answers 3

Reset to default
0

You should modify your code as:

$username= "michael";
$password= "1234";
include("includes/connect.php"); 

$mobile_user = "SELECT * FROM mobileuser WHERE mobile_user_name='$username' AND mobile_user_pass='$password' LIMIT 0,1";

$query = mysqli_query ($conn, $mobile_user);
$result = mysqli_fetch_array ($query);

$user_name = $result['mobile_user_name'];
$pass = $result['mobile_user_pass'];

This should work like a charm. However a better version of this would be:

$username= "michael";
$password= "1234";
include("includes/connect.php"); 

$mobile_user = "SELECT count(*) as count FROM mobileuser WHERE mobile_user_name='$username' AND mobile_user_pass='$password'";

$query = mysqli_query ($conn, $mobile_user);
$result = mysqli_fetch_array ($query);

if($result['count'] > 0){
    echo "Match Found.";
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

If you want to check if a user's credential are valid, you should count the number of rows where they match ; if this is less than one, the credentials provided are invalid. SQL query :

SELECT COUNT(*) AS number, mobile_user_name, mobile_user_pass FROM mobileuser WHERE mobile_user_name = 'someusername' AND mobile_user_pass = 'somepass'

Note that you should prevent your code from SQL injections, and you may want to store hashed passwords in your database to avoid stocking them in cleartext.

Improve this answer

Comments

0

give this a go: 

require_once ('con.php');

        $q = "SELECT `password` FROM `tbl_where_user_is` WHERE `tbl_row_username` = '$username'";
        $r = mysqli_query($db_connnect, $q);
        $row = mysqli_fetch_array($r);

        $r = mysqli_query ($db_connnect, $q);   

        if(mysqli_num_rows($r)==1)
        {   
            echo $username; 
        }else{
            echo "user not found";
        }
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.