Mysql PHP Error - Login Validation -
good day gents
busy frustrating myself here. busy trying write simple login script validates login against database.
however keep on getting:
warning: mysql_fetch_array() expects parameter 1 resource, boolean given in
here code.... when run query on sql workbench works 100%
<?php // grab user submitted information $email = $_post['users_email']; $pass = $_post['users_pass']; // connect database $con = mysql_connect('localhost','root',''); // make sure connected succesfully if(! $con) { die('connection failed'.mysql_error()); } // select database use mysql_select_db('arctecs',$con); $result = mysql_query('select users_email, users_pass users users_email = $email'); $row = mysql_fetch_array($result); if($row['users_email']==$email && $row['users_pass']==$pass) echo'you validated user.'; else echo'sorry, credentials not valid, please try again.'; ?>
this not correct
'select users_email, users_pass users users_email = $email' better way
"select users_email, users_pass users users_email = '$email'" need wrap string data in single quote.
the post data directly being used in query not good. start using pdo prepared statements avoid sql injections or at-least sanitize data as
$email = $_post['users_email']; $pass = $_post['users_pass']; $con = mysql_connect('localhost','root',''); // make sure connected succesfully if(! $con) { die('connection failed'.mysql_error()); } $email = mysql_real_escape_string($email);
Comments
Post a Comment