-1
 <?php
include "config.php";
?>

<?php 
    $username = $_POST['username'];
    $password = $_POST['password'];
?>

<?php

    $sql = "SELECT username FROM usr";
    $resultuser = $conn->query($sql); 
    $conn->close();



    $sql = "SELECT password FROM usr";
    $resultpass = $conn->query($sql);
    $conn->close();

?>

<?php
if ($resultuser == $username) {
    if($resultpass == $password) {
        echo "test";
    } else {
        echo "Wrong user or pass"   ;
    }
}


?>

Php won't send a query to mysql to check if the variable (username, and password) matches one of the rows in my mysql database. I'm not sure what else to do also config.php is the file which contains the code to connect to my mysql server.

Ch33ky
  • 31
  • 7

1 Answers1

0

you have to iterate over the obtained result as 

 $result = $conn->query($sql);
 $resultUser= "";
 if ($result->num_rows > 0) {
     // output data of each row
     while($row = $result->fetch_assoc()) {
        $resultUser =$row['username ']; 
    }
 }

and you are doing it wrong. In order to check where the username and password match the database entry should be like :

select * from user_table 
where username = 'pass_the_user_name' and password='user_password';

If this returns a row, that means this is a valid user else invalid credentials or anything.

Danyal Sandeelo
  • 12,196
  • 10
  • 47
  • 78
  • This was from a long time ago, it did work but I have completely redesigned what I was using it for and changed lots. – Ch33ky Jan 29 '16 at 16:56