Oh sorry.. I didn't notice that.. anyway.. I want to know.. what to add to this code to make it also check the serial between the database (That users' row) and the GET variable before it echos anything.. so the UserName, Password and Serial must be the same for that user..
Waiting your reply.. regards.. ----- Original Message ----- From: "Miguel J. Jiménez" <[EMAIL PROTECTED]> To: "Radwan Aladdin" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, January 19, 2004 9:29 PM Subject: Re: [PHP] Is this code right? > Radwan Aladdin wrote: > > >Hi all.. I made this code for the login.php page.. it will compare A value from the users machine (Serial) and with a value inside the database (In that users' row).. so after logging it will check if also this value is the same and then echo something..is the following code is right for that? : > > > > <?php > > > >$link = mysql_connect("localhost", "Database username", "Database password) or die("Could > >not connect: " . mysql_error()); > >mysql_select_db("Table name", $link); > > > >$UserName = $_GET['UserName']; > >$Password = $_GET['Password']; > >$Serial = $_GET['Serial']; > > > >$query = "SELECT Serial, Password from accounts where UserName='$UserName'"; > >$result = mysql_query($query) or die("Query errort: " . mysql_error()); > >$row = mysql_fetch_row($result) or die("User Not found: " . mysql_error()); > >$Serial = htmlspecialchars($row[0]); > > > > > mysql_select_db is for selecting the database and NOT the table, the > SELECT statement must be something like this: "select SOMETHING from > TABLE where WHERE_CLAUSE" > > > > ---------------------------------------------------------------------------- ---- > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php