Member Avatar for NA

hi everyone i need help in my query while user login.

<?php

$username = $_POST["username"];
$password = $_POST["password"];

$con = oci_connect("user","pswrd","db");
if(! $con)
{
    die('Connection Failed'.oci_error());
}
$query = "SELECT username, password FROM users
WHERE username=$username";

$stmt = oci_parse($conn, $query);

$row = oci_fetch_array($stmt, OCI_NUM);;

if($row["username"]==$username && $row["password"]==$password)
    echo"You are a validated user.";
else
    echo"Sorry, your credentials are not valid, Please try again.";
?>

i got error which is that
oci_fetch_array(): ORA-24374: define not done before fetch or execute

  • 2 Contributors
  • 5 Replies
  • 584 Views
  • 2 Hours Discussion Span
  • Latest Post Latest Post by rproffitt
Member Avatar for NA

kindly guide me in my code why its not working?

Edited by NA
Member Avatar for rproffitt
  1. For starters are you sure you can break lines 11 and 12?

  2. Where is the OCI execute?
    Example at http://php.net/manual/en/function.oci-fetch-array.php

  3. How are you going to avoid breaking one of the cardinal rules about passwords?

It's rather scary what I see folk code today.

Member Avatar for NA

no sir explain in which line i need to change to a perfect code

Member Avatar for rproffitt

Sorry, I've yet to see perfect code. But I did try to share why your system is broken in both a missing line plus why it's a bad idea to store passwords.

I can only guess you didn't check the example in the PHP document link I shared.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.