Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- login with username or email address in php
- $username=$_REQUEST['login'];
- $email=$_REQUEST['login'];
- $password=$_REQUEST['password'];
- if($username && $password) {
- $query="select * from user_db where username='$username' and password='$password'";
- } else if ($email && $password) {
- $query="select * from user_db where email='$email' and password='$password'";
- }
- $login=$_REQUEST['login'];
- $query = "select * from user_db where ( username='$login' OR email = '$login') and password='$password'"
- $username=$_REQUEST['login'];
- $email=$_REQUEST['login'];
- $username=$_REQUEST['username'];//I'm assuming your code here was wrong
- $email=$_REQUEST['email'];//and that you have three different fields in your form
- $password=$_REQUEST['password'];
- if (validate_username($username)) {
- $query="select * from user_db where username='".$username".' and password='".validate_password($password)."'";
- } else if (validate_email($email)) {
- $query="select * from user_db where email='".$email."' and password='".validate_password($password)."'";
- }
- //... elsewhere...
- function validate_username(&$username) {
- if (strlen($username) <= 1) { return false; }
- //return false for other situations
- //Does the username have invalid characters?
- //Is the username a sql injection attack?
- //otherwise...
- return true;
- }
- function validate_email(&$email) {
- //same deal as with username
- }
- function validate_password(&$password) {
- //same deal as with username
- }
Add Comment
Please, Sign In to add comment