Hi all,

I need some advice as to how to manage a user login system using PHP and
MySQL.  Currently, I have the following table:

+-------------+--------------+------+-----+---------+----------------+
| Field       | Type         | Null | Key | Default | Extra          |
+-------------+--------------+------+-----+---------+----------------+
| MemberID    | bigint(20)   |      | PRI | NULL    | auto_increment |
| MemberFname | varchar(30)  |      |     |         |                |
| MemberLname | varchar(40)  |      |     |         |                |
| Login       | varchar(8)   |      |     |         |                |
| Password    | varchar(32)  |      |     |         |                |
| Bio         | text         | YES  |     | NULL    |                |
| Address     | varchar(127) | YES  |     | NULL    |                |
| City        | varchar(40)  | YES  |     | NULL    |                |
| State       | char(2)      | YES  |     | NULL    |                |
| Zip         | int(5)       | YES  |     | NULL    |                |
| Phone       | varchar(20)  | YES  |     | NULL    |                |
| Cell        | varchar(20)  | YES  |     | NULL    |                |
| Email       | varchar(40)  | YES  |     | NULL    |                |
+-------------+--------------+------+-----+---------+----------------+

And my PHP function looks like this:

function login($user, $pass)
{
  // Validate the fields passed in
  if(($user == "") || ($pass == ""))
  {
    $status = array('code' => -1,
                    'msg'  => '[ERROR] Invalid form');
    return $status;
  }

  // Escape the inputs before they are placed inside the quoted SQL strings
  $user = mysql_real_escape_string($user);
  $pass = mysql_real_escape_string($pass);

  // Build the query (uses the function's own parameters, $user and $pass)
  $query = "select
              MemberID,
              MemberFname,
              MemberLname,
              Login,
              Password
            from
              band
            where
              Login = '$user' and
              Password = MD5('$pass')";

  $this->query($query) or die("[ERROR] Could not login: ".mysql_error());

  // Loop through all of the records, and push into an assoc array
  $User = array();
  while($this->nextRecord())
  {
    $User[] = $this->Record;
  }

  // Return the results (empty array when no row matched)
  return $User;
}


My question is, is this the best way to be doing this?  I would love
some feedback and suggestions as to perhaps better methods to do this.

The database is on a hosted account, so I don't have access or privs to
change configurations or add real MySQL users.

Thanks!

-Erich-
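
A hardened form of the login check in the post above, as an added example that is not the poster's code: it uses a PDO prepared statement and password_hash()/password_verify() in place of string interpolation and MD5(). It assumes PDO is available, that the Password column has been widened to varchar(255), and uses an in-memory SQLite database with constructed rows as a stand-in for the hosted MySQL server; the -2 error code is hypothetical.

```php
<?php
// Added example, not the poster's code. Assumptions: PDO is available and the
// Password column is wide enough (varchar(255)) to hold password_hash() output.
// An in-memory SQLite database stands in for the hosted MySQL server.

function login(PDO $db, string $user, string $pass): array
{
    if ($user === '' || $pass === '') {
        return ['code' => -1, 'msg' => '[ERROR] Invalid form'];
    }

    // The placeholder keeps $user out of the SQL text, so quotes in it are data.
    $stmt = $db->prepare(
        'SELECT MemberID, MemberFname, MemberLname, Login, Password
           FROM band WHERE Login = ?'
    );
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Compare in PHP against a salted, slow hash instead of MD5() in the query.
    // One message covers both an unknown login and a wrong password.
    if ($row === false || !password_verify($pass, $row['Password'])) {
        return ['code' => -2, 'msg' => '[ERROR] Login failed']; // hypothetical code
    }

    unset($row['Password']);   // never hand the stored hash back to callers
    return ['code' => 0, 'user' => $row];
}

// Constructed sample data for the demonstration.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE band (MemberID INTEGER PRIMARY KEY, MemberFname TEXT,
           MemberLname TEXT, Login TEXT, Password TEXT)');
$ins = $db->prepare('INSERT INTO band (MemberFname, MemberLname, Login, Password)
                     VALUES (?, ?, ?, ?)');
$ins->execute(['Test', 'Member', 'tmember',
               password_hash('s3cret-example', PASSWORD_DEFAULT)]);

var_dump(login($db, 'tmember', 's3cret-example')['code']);  // valid credentials
var_dump(login($db, 'tmember', 'wrong-password')['code']);  // wrong password
var_dump(login($db, "o'brien", 'anything')['code']);        // quote in login is plain data
```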
        


