For Programmers: Free Programming Magazines  


Home > Archive > PHP DB > January 2008 > Re: [PHP-DB] Re: Beginners Problem









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author Re: [PHP-DB] Re: Beginners Problem
Rene Brehmer

2008-01-11, 7:00 pm



Peter Westergaard wrote:
> <snip>
> You should probably check out http://php.net/mysql_query for more
> information on this function. The difference between "empty result"
> and "invalid query" is significant. Once you've determined that the
> query is valid, you must also then check to see if it returned any
> rows, possibly using a function like mysql_num_rows.
I usually skip the validity check and simply check for rows. But then I
also write my code a little differently, which may be why it doesn't break.

This is part of my login code:

$chkuserquery = "SELECT userID
FROM $TB_USERS
WHERE `loginID`='$loginID' AND `password`='$password'
LIMIT 1";
$chkuser = $db->query($chkuserquery);

if($db->num_rows($chkuser)) {
$userID = $db->result($chkuser,0);
$ip = $_SERVER['REMOTE_ADDR'];

// update active session
$query = "UPDATE $TB_SESSIONS
SET `userID`='$userID',`logintime`=NOW(),`lo
ginIP`='$ip'
WHERE `sessionID`='$sessionID'
LIMIT 1";
$result = $db->query($query);

$alert_level = 1;
$alert_message = 'You are now logged in. Please remember to logout
when done.';
} else {
$alert_level = 3;
$alert_message = 'Username and/or password incorrect';
}

May deserve some elaboration, as this is just a piece of a much bigger code.
$TB_USERS and $TB_SESSIONS are merely variables (constants) set earlier
so that I can re-use the code more easily for different projects. $db is
a simple database object that's merely a wrapper for the mysql
functions. Inside $db, all the mysql functions have the or die() part
set with mysql_errno() and mysql_error() which catches invalid queries.

I built my own sessions system, using the database and cookies. There's
always a session active, that's why this part of the code doesn't check
for it. I made it this way so I can run the login/logout script at any
phase of the code, without having to worry about setting sessions and
cookies before it sends the headers.


FWIW

Rene

--
Rene Brehmer
aka Metalbunny

We have nothing to fear from free speech and free information on the
Internet but pop-up advertising!

http://metalbunny.net/
References, tools, and other useful stuff...
Sponsored Links







Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive

Copyright 2008 codecomments.com