Peter Westergaard wrote:
<snip>
> You should probably check out http://php.net/mysql_query for more
> information on this function. The difference between "empty result"
> and "invalid query" is significant. Once you've determined that the
> query is valid, you must also then check to see if it returned any
> rows, possibly using a function like mysql_num_rows.

I usually skip the validity check and simply check for rows. But then I
also write my code a little differently, which may be why it doesn't break.
This is part of my login code:
    // Assumes $loginID, $password and $sessionID were escaped earlier
    // (not shown in this excerpt).
    $chkuserquery = "SELECT userID
        FROM $TB_USERS
        WHERE `loginID`='$loginID' AND `password`='$password'
        LIMIT 1";
    $chkuser = $db->query($chkuserquery);
    // A returned row means the credentials matched a user.
    if($db->num_rows($chkuser)) {
        $userID = $db->result($chkuser,0);
        $ip = $_SERVER['REMOTE_ADDR'];
        // update active session
        $query = "UPDATE $TB_SESSIONS
            SET `userID`='$userID',`logintime`=NOW(),`loginIP`='$ip'
            WHERE `sessionID`='$sessionID'
            LIMIT 1";
        $result = $db->query($query);
        $alert_level = 1;
        $alert_message = 'You are now logged in. Please remember to logout when done.';
    } else {
        // No row: unknown user or wrong password.
        $alert_level = 3;
        $alert_message = 'Username and/or password incorrect';
    }

May deserve some elaboration, as this is just a piece of a much bigger code.
$TB_USERS and $TB_SESSIONS are merely variables (constants) set earlier
so that I can re-use the code more easily for different projects. $db is
a simple database object that's merely a wrapper for the mysql
functions. Inside $db, all the mysql functions have the or die() part
set with mysql_errno() and mysql_error() which catches invalid queries.

I built my own sessions system, using the database and cookies. There's
always a session active, that's why this part of the code doesn't check
for it. I made it this way so I can run the login/logout script at any
phase of the code, without having to worry about setting sessions and
cookies before it sends the headers.

FWIW
Rene
--
Rene Brehmer
aka Metalbunny
We have nothing to fear from free speech and free information on the
Internet but pop-up advertising!
http://metalbunny.net/
References, tools, and other useful stuff...
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
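
The login check discussed in this thread, as an added example that is not part of the original post or anyone's project code: it keeps "invalid query" and "empty result" as separate outcomes, binds the user-supplied values as parameters, and compares against a stored password hash. Assumptions: PDO with an in-memory SQLite database stands in for the post's $db wrapper so the block runs offline; the table layout, the pwhash column, the login() function and all sample data are constructed for illustration.

```php
<?php
// Added example: constructed schema and data; PDO/SQLite replaces the post's $db wrapper.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // invalid queries throw

$pdo->exec('CREATE TABLE users (userID INTEGER PRIMARY KEY, loginID TEXT UNIQUE, pwhash TEXT)');
$pdo->exec('CREATE TABLE sessions (sessionID TEXT PRIMARY KEY, userID INTEGER,
            logintime TEXT, loginIP TEXT)');
$pdo->prepare('INSERT INTO users (loginID, pwhash) VALUES (?, ?)')
    ->execute(['rene', password_hash('constructed-password', PASSWORD_DEFAULT)]);
$pdo->prepare('INSERT INTO sessions (sessionID) VALUES (?)')
    ->execute(['constructed-session-1']);

// Hypothetical helper: returns [alert_level, alert_message] like the post's two variables.
function login(PDO $pdo, string $loginID, string $password, string $sessionID, string $ip): array
{
    try {
        // Bound parameters: a quote in $loginID is data, never part of the SQL text.
        $stmt = $pdo->prepare('SELECT userID, pwhash FROM users WHERE loginID = ? LIMIT 1');
        $stmt->execute([$loginID]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);

        // Empty result (fetch() returned false) or hash mismatch: same message for both,
        // so the response does not reveal which login names exist.
        if ($row === false || !password_verify($password, $row['pwhash'])) {
            return [3, 'Username and/or password incorrect'];
        }

        // Update the already-active session row, as in the post.
        $upd = $pdo->prepare("UPDATE sessions
                              SET userID = ?, logintime = datetime('now'), loginIP = ?
                              WHERE sessionID = ?");
        $upd->execute([$row['userID'], $ip, $sessionID]);
        return [1, 'You are now logged in. Please remember to logout when done.'];
    } catch (PDOException $e) {
        // Invalid query or database failure: details go to the server log only,
        // instead of die() printing the database error text to the browser.
        error_log('login query failed: ' . $e->getMessage());
        return [3, 'Login is temporarily unavailable'];
    }
}

// Constructed inputs: a valid login, a wrong password, and a login name with an apostrophe.
foreach ([['rene', 'constructed-password'], ['rene', 'wrong'], ["o'brien", 'x']] as [$u, $p]) {
    [$level, $message] = login($pdo, $u, $p, 'constructed-session-1', '192.0.2.10');
    echo "$u: level $level, $message\n";
}
```

With string interpolation, the apostrophe in the third login name would turn the statement into an invalid query; with bound parameters it is an ordinary empty result.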