Domanda
Hi at the moment I am trying to create a login system but I am hitting a problem with setting privileges for the users this is the MySql statement that i am using to find out the username and password from phpMyAdmin database.
https://stackoverflow.com/questions/21531183
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
I was wondering if someone could help me edit this code so that I can echo or print the account_type to the page so i can use it within a PHP if statement to restrict what the users see.
I have tried
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and account_type ='myaccount'";
$result=mysql_query($sql);
this is the full pages code
<?php
ob_start();
$host="127.0.0.0"; // Host name
$username="username"; // Mysql username
$password="password"; // Mysql password
$db_name="dbname"; // Database name
$tbl_name="table"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$row = mysql_fetch_array($result);
print_r($row);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_start();
$_SESSION['username'] = $myusername;
$_SESSION['password'] = $mypassword;
//session_register("myusername");
//session_register("mypassword");
//echo "correct";
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
Soluzione
You are missing mysql_fetch_array() call.
$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
After that you can access $row array; to see its contents use:
print_r($row);
To access specific field, use $row['fieldname']
Altri suggerimenti
You need to fetch that array from sql.
See the PHP manual
