API tools faq
paste
Guest User

Untitled

a guest
Aug 2nd, 2018
119
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.32 KB | None | 0 0
raw download clone embed print report
  1. PHP/SQL Select Statement Does Not Work
  2. <form action="checknumbers.php" method="post">
  3.  
  4. <table width="50%" border="0">
  5. <tr>
  6. <td><label for="ni">National Insurance Number</label>
  7. </td>
  8. <td><span id="sprytextfield1">
  9. <input type="text" name="ni" id="ni" />
  10. <span class="textfieldRequiredMsg">*</span><span class="textfieldMaxCharsMsg">*</span></span></td>
  11. </tr>
  12. <tr>
  13. <td><br /><label for="ref">Reference Number</label>
  14. </td>
  15. <td><br /><span id="sprytextfield2">
  16. <input type="text" name="ref" id="ref" />
  17. <span class="textfieldRequiredMsg">*</span></span></td>
  18. </tr>
  19. <tr>
  20. <td>&nbsp;</td>
  21. <td><br /><br /><input name="" type="submit" value="Continue" /></td>
  22. </tr>
  23. </table>
  24.  
  25. </form>
  26.  
  27. <?php
  28. $host="localhost"; // Host name
  29. $username="**"; // Mysql username
  30. $password="**"; // Mysql password
  31. $db_name="***"; // Database name
  32. $tbl_name="public"; // Table name
  33.  
  34. // Connect to server and select databse.
  35. mysql_connect("$host", "$username", "$password")or die("cannot connect");
  36. mysql_select_db("$db_name")or die("cannot select DB");
  37.  
  38.  
  39. $ni=$_POST['ni'];
  40. $ref=$_POST['ref'];
  41.  
  42. // To protect MySQL injection (more detail about MySQL injection)
  43. $ni = stripslashes($username);
  44. $ref = stripslashes($password);
  45. $ni = mysql_real_escape_string($username);
  46. $ref = mysql_real_escape_string($password);
  47.  
  48. $sql="SELECT * FROM $tbl_name WHERE ni ='$ni' AND ref='$ref' AND active = 'not_activated'";
  49. $result=mysql_query($sql);
  50.  
  51. // Mysql_num_row is counting table row
  52. $count=mysql_num_rows($result);
  53. // If result matched $myusername and $mypassword, table row must be 1 row
  54.  
  55. if($count==1){
  56.  
  57. header("location:securityquestion.php");
  58. }
  59.  
  60. else {
  61.  
  62. echo '<hr><h4>Your National Insurance Number Or Reference Number Does Not Match</h4><hr><a href="register.html">Please try Again</a>';
  63. }
  64. ?>
  65.  
  66. $ni=$_POST['ni'];
  67. $ref=$_POST['ref']; // To protect MySQL injection (more detail about MySQL injection)
  68. $ni = stripslashes($username);
  69. $ref = stripslashes($password);
  70. $ni = mysql_real_escape_string($username);
  71. $ref = mysql_real_escape_string($password);
  72.  
  73. $ni= mysql_real_escape_string( stripslashes( $_POST['ni'] ) );
  74. $ref= mysql_real_escape_string( stripslashes( $_POST['ref'] ) );
  75.  
  76. $ni = stripslashes($username);
  77. $ref = stripslashes($password);
  78.  
  79. $ni = stripslashes($ni);
  80. $ref = stripslashes($ref);
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!