0

I am wondering if we could have one variable equals two string values? I made a login form which is not required username, only requires password. if the password matches, then it displays the the right person name. I fully understand this is not a right way or a secure way to do login form, but this form will only internally for 5 people use.

inside the php file, I set the $username = "PersonName"; the form only requires password, if the password is correct, this person could login and the name "PersonName1" on the page. I use mysql 

$result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password_encrypt '");

If I want to add another PersonName2 can I have $username="PersonName1" || $username = "PersonName2";

or if someone could give me some ideas? Many thanks

olo
  • 5,225
  • 15
  • 52
  • 92

5 Answers5

2

Yes, use the OR operand in your SQL query:

SELECT * FROM users WHERE (username='$username' OR username='$username2') AND password='$password_encrypt '
1

You can also use the IN clause:

SELECT * 
FROM users 
WHERE username IN ('$username', '$username2')
    AND password='$password_encrypt'
hjpotter92
  • 78,589
  • 36
  • 144
  • 183
0

Its possible to check for X OR Y in mysql, just make sure you use parenthesis to separate your conditions.

SELECT * FROM users WHERE (username='$firstName' || username='$secondName') AND password='$password_encrypt '
jtavares
  • 449
  • 2
  • 9
0

OR is available to use in MYSQL

   SELECT * FROM users WHERE (username='$username' OR username='$username2') AND password='$password_encrypt '
Shijin TR
  • 7,516
  • 10
  • 55
  • 122
0

If the user doesn't require a username then in the SQL query just search for a matching password, then using PHP you can 

while($user = mysql_fetch_assoc($result)){ /* check for a good username?? */ }

Also, mysql_* has been deprecated, research MySQLi or PDO for best practices.

Jono20201
  • 3,215
  • 3
  • 20
  • 33