OK,
Here's what I have.
This is my simple form.

<form action="log_test.php" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" value="Log in">

</form>

and here is my script

$query = "SELECT userId, password FROM table";

$result = mysql_query($query);

while($row = mysql_fetch_array($result))
{
	echo $row['userId'];
	echo $row['password'];
}

I got it pulling up and printing everything in the database, but how can I take the user input and see if it matches one in the database.

I don't think it works the way I'm doing it, maybe because I am trying to match one user input to all the database.
But that's just a guess.
Thanks
Dan

Member Avatar for michelleradu

Firstly, you have to retrieve (and validate) the values entered in the form, something like this:

$user=$_POST['username'];
      $pass=$_POST['password'];

and then add a WHERE clause to your SELECT statement:

$query = "SELECT userId, password FROM table WHERE userId='$user' AND password='$pass'";
<?php
$username = $_POST['username'];
$password = $_POST['password'];

if (!$username or !$password) {
    echo 'make sure you entered the required fields';
    exit(0);
}

$query = "SELECT password FROM table WHERE userId = '$username'";
$dbarray = mysql_fetch_array($query);

if ($password == $dbarray['u_passwd']) {
		echo 'Password match'; 
} else {
		echo 'Password Fail'; 	
                exit(0);
}
?>

You will probably want to increase the security of your login script by using encryption and other validation... But let's do it one step at a time!

There is error occurs while execution of above program.
mysql_fetch_array() function is not valid.

Member Avatar for michelleradu

You have to add this line right before you try to fetch an array (it practically executes your query):

$resource = mysql_query($query) or die(mysql_error());

Once your MySQL resource is ready you use mysql_fetch_array:

$dbarray = mysql_fetch_array($resource);
Member Avatar for rajarajan2017
uid=$_POST['username'];
pwd=$_POST['password'];
$query = "SELECT * FROM table where userId='$uid' and password='$pwd'";
$result = mysql_query($query);

if (mysql_num_rows($result) > 0) { 
echo "Match Found";
while($row = mysql_fetch_array($result))
{
	echo $row['userId'];
	echo $row['password'];
}
}else echo "No Match Found";
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.