Login through loginza

Question

Login through loginza

I am trying to allow my users to log in by email or by username. Currently, only the username is accepted. My working SQL looks like this:

$sql = "SELECT * FROM customers WHERE login = '".$username."' AND password = '".$password."'";

information:

$username is $_POST['username']
$password is md5($_POST['password'])

Now I would like to distribute it to an email address that a client can enter in his profile. My SQL looks like this:

 $sql = "SELECT * FROM customers WHERE (login = '".$username."' OR email = '".$username."') AND password = '".$password."'";

I will check this SQL with:

 $result = mysql_query($sql); mysql_num_rows($result)

But at the moment this does not work. If I use OR in my SQL, mysql_num_rows returns 0 . What could be the problem? Or is there another and better way to achieve this?

+6

php mysql

emjay May 08 '13 at 9:09

source share

5 answers

Saravanan Sampathkumar · Answer 1 · 2013-05-08T11:15:35+0000

Try it: Can the username have a username or email address on the right? Therefore, first check to see if the "@" character is in the username string.

it

 if(stripos($username,'@') !== FALSE){ $sql = "SELECT * FROM customers WHERE email = '".$username."' AND password = '".$password."'"; }else{ $sql = "SELECT * FROM customers WHERE login = '".$username."' AND password = '".$password."'"; }

Thus, if the condition is successful, the letter will be checked. Username will be verified

Stormix · Answer 2 · 2014-03-22T20:30:10+0000

Try this, I'm sure it will work:

$ sql = "SELECT * FROM customers WHERE login = '". $ username. "'| email ='". $ username. "And password = '". $ password. "'";

And to determine when the password is incorrect, or only login credentials:

add this:

if (mysql_num_rows ($ result) == 0) {echo 'Invalid username or password!';}

Red october · Answer 3 · 2013-05-08T09:30:59+0000

Maybe the problem is with characters?

 SELECT * FROM `customers` WHERE (LOWER(`login`)='" . strtolower($username) . "' OR LOWER(`email`)='" . strtolower($username) . "') AND `password`='" . $password . "'"

Abhik dey · Answer 4 · 2013-12-02T07:55:46+0000

  $sql = "SELECT * FROM customers WHERE EXISTS(select 1 from customers where login = '".$username."' OR email = '".$username."') AND password = '".$password."'";

Try this, I hope your problem is resolved.

user3801289 · Answer 5 · 2014-07-03T11:57:53+0000

You can just use 2 queries and or in the condition

 $query=mysql_query("select * from customers where user='$username' and password='$password'"); $query1=mysql_query("select * from customers where email='$username' and password='$password'"); if(mysql_num_rows($query)==1 || mysql_num_rows($query1)==1) { //YOUR CODE } else { //YOUR CODE }

Login through loginza

More articles: