Just Checking

[ATM]

I recently started learning mysql and haven't been able to set it up yet, but I was wondering if the following code will work;

<?php $mysql_servername="" ?><?php $mysql_username="" ?><?php $mysql_password="" ?><?php $mysql_database="" ?><?php $mysql_tablename="" ?><?php $mysql_fieldname="" ?><?php $mysql_password_field="" ?><?php $mysql_xml_reference="" ?><?php $username=$_POST["username"]; ?><?php $password=$_POST["password"]; ?><?php $connect = mysql_connect( $mysql_servername, $mysql_username , $mysql_password ); ?><?php mysql_select_db( $mysql_database , $connect ); ?><?php $login = "SELECT * from $mysql_tablename WHERE $mysql_fieldname='$username'"; ?><?php $fetch_array = mysql_fetch_array($login)); ?><?php if ($fetch_array['$mysql_password_field']="$password"){$xml_reference=$fetch_array['$mysql_xml_reference'];} ?><?php mysql_close($connect); ?>

The code is firstly meant to connect to my sql, then get the username and password send from a form, it's then ment to look to see if the username exists in the table of data and if it does it's meant to check to see if the passwords match and then if they do it's meant to get another field, which will contain a url and put that url into a variable.Thanks,

[www.mihalism.com]

First of all you only need one bracket and you did not end your variables with ;Here i made it more clean and it should work

 <?php $mysql_servername=""; $mysql_username=""; $mysql_password=""; $mysql_database=""; $mysql_tablename=""; $mysql_fieldname=""; $mysql_password_field=""; $mysql_xml_reference=""; $username=$_POST["username"]; $password=$_POST["password"]; $connect = mysql_connect( $mysql_servername, $mysql_username , $mysql_password ); mysql_select_db( $mysql_database , $connect ); $login = "SELECT * from ".$mysql_tablename." WHERE ".$mysql_fieldname."='".$username'.""; $fetch_array = mysql_fetch_array($login)); if ($fetch_array['$mysql_password_field']="$password"){ $xml_reference=$fetch_array['$mysql_xml_reference']; } mysql_close($connect);  ?>

[ATM]

Cheers,

[justsomeguy]

if ($fetch_array['$mysql_password_field']="$password"){There are two things wrong with that. The first one is that you use single quotes, and single quotes do not do variable replacement. So it is using the string "$mysql_password_field" for the array index. Secondly, you are using the assignment operator, so you are setting the value of $fetch_array['$mysql_password_field'] equal to whatever is contained in the $password variable. So the if statement is always true. You need to be using comparison instead of assignment, and there's also no point to have quotes around a single variable.if ($fetch_array[$mysql_password_field] == $password){

[ATM]

So is this ok?

<?php$mysql_servername="";$mysql_username="";$mysql_password="";$mysql_database="";$mysql_tablename="";$mysql_fieldname="";$mysql_password_field="";$mysql_xml_reference="";$username=$_POST["username"];$password=$_POST["password"];$connect = mysql_connect( $mysql_servername, $mysql_username , $mysql_password );mysql_select_db( $mysql_database , $connect );$login = "SELECT * from ".$mysql_tablename." WHERE ".$mysql_fieldname."=".$username."";$fetch_array = mysql_fetch_array($login);if ($fetch_array[$mysql_password_field] == $password){$xml_reference=$fetch_array[$mysql_xml_reference];}else {header("Location: http://www.yourdomain.co.uk/");}mysql_close($connect);?>

[justsomeguy]

I don't know if it's "ok", I don't know what you're trying to do with it. If it runs and does what you want, then it's ok. If it gives an error message, then it's not ok. If whatever column you are checking in your SQL statement is a character column, then you will need to surround the value you are checking with quotes.