php - Username MUST exist in database to create login -
i created login page of dreamweaver, , want make username field must match username in sql database in order create password. not familiar , unsure on need require existing username , add password username row in database.
here php code created dreamweaver: connection database exists, know not present in below code. works fine normal registration page, don't want being able register.
<?php if (!function_exists("getsqlvaluestring")) { function getsqlvaluestring($thevalue, $thetype, $thedefinedvalue = "", $thenotdefinedvalue = "") { if (php_version < 6) { $thevalue = get_magic_quotes_gpc() ? stripslashes($thevalue) : $thevalue; } $thevalue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($thevalue) : mysql_escape_string($thevalue); switch ($thetype) { case "text": $thevalue = ($thevalue != "") ? "'" . $thevalue . "'" : "null"; break; case "long": case "int": $thevalue = ($thevalue != "") ? intval($thevalue) : "null"; break; case "double": $thevalue = ($thevalue != "") ? doubleval($thevalue) : "null"; break; case "date": $thevalue = ($thevalue != "") ? "'" . $thevalue . "'" : "null"; break; case "defined": $thevalue = ($thevalue != "") ? $thedefinedvalue : $thenotdefinedvalue; break; } return $thevalue; } } // *** redirect if username exists $mm_flag="mm_insert"; if (isset($_post[$mm_flag])) { $mm_dupkeyredirect="userexists.php"; $loginusername = $_post['username']; $loginrs__query = sprintf("select username users username=%s", getsqlvaluestring($loginusername, "text")); mysql_select_db($database_user_information, $user_information); $loginrs=mysql_query($loginrs__query, $user_information) or die(mysql_error()); $loginfounduser = mysql_num_rows($loginrs); //if there row in database, username found - can not add requested username if($loginfounduser){ $mm_qschar = "?"; //append username redirect page if (substr_count($mm_dupkeyredirect,"?") >=1) $mm_qschar = "&"; $mm_dupkeyredirect = $mm_dupkeyredirect . $mm_qschar ."requsername=".$loginusername; header ("location: $mm_dupkeyredirect"); exit; } } $editformaction = $_server['php_self']; if (isset($_server['query_string'])) { $editformaction .= "?" . htmlentities($_server['query_string']); } if ((isset($_post["mm_insert"])) && ($_post["mm_insert"] == "register")) { $insertsql = sprintf("insert users (username, password) values (%s, %s)", getsqlvaluestring($_post['username'], "text"), getsqlvaluestring($_post['password1'], "text")); mysql_select_db($database_user_information, $user_information); $result1 = mysql_query($insertsql, $user_information) or die(mysql_error()); $insertgoto = "login.php"; if (isset($_server['query_string'])) { $insertgoto .= (strpos($insertgoto, '?')) ? "&" : "?"; $insertgoto .= $_server['query_string']; } header(sprintf("location: %s", $insertgoto)); } mysql_select_db($database_user_information, $user_information); $query_user_request = "select * users"; $user_request = mysql_query($query_user_request, $user_information) or die(mysql_error()); $row_user_request = mysql_fetch_assoc($user_request); $totalrows_user_request = mysql_num_rows($user_request); ?>
simply may check
$loginusername = $_post['username']; $loginrs__query = sprintf("select username users username='$loginusername'", getsqlvaluestring($loginusername, "text")); if query gives result after further logic
Comments
Post a Comment