On Mar 14, 2008, at 5:40 PM, TG wrote:
Then it's the other query (with the ORDER BY) that you want to look
at to fix
the SQL error.
Don't forget to use (assuming MySQL) mysql_real_escape_string() on all
variables being used in the SQL query. That'll help prevent a
problem with
single quotes or other bad characters showing up in your variables and
breaking your SQL. Not to mention the security benefits.
All that's taken care of... The issue is though, that that query is
getting run even when the login wasn't successful... When you log in
with the proper username/password that query runs just fine...
-TG
----- Original Message -----
From: Jason Pruim <japruim@xxxxxxxxxx>
To: "TG" <tg-php@xxxxxxxxxxxxxxxxxxxxxx>
Cc: "PHP General List" <php-general@xxxxxxxxxxxxx>
Date: Fri, 14 Mar 2008 17:11:40 -0400
Ok so the next thing to check is your query. Maybe echo it out so
you can
see what's actually attempting to execute.
echo from my actual query
SELECT * FROM current WHERE loginName='japruim' AND
loginPassword='mybadpassword' LIMIT 0,1;
I don't see an "ORDER BY" in the SQL listed below.
The ORDER BY actually comes from a different query that should ONLY
be
done AFTER successful login... It's actually related to the sorting
of
the records that should be retrieved.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
