My application currently connects to MySQL and performs this query:
select nickname
from users
where nickname = '$nick' and password = '$pass'
$nick and $pass are inserted by the application.
I need to advance this query to do the following:
If the where nickname = '$nick' and password = '$pass' returns a row just return the row as usual.
If the where nickname = '$nick' and password = '$pass' return 0 rows, I need it to check whether the '$nick' is present, and it is the fact that '$pass' is wrong that there are 0 rows, if this is the case then return 0 rows, other wise if there is no '$nick' in the table, return the row anyway.
i.e. if nickname is in the table and the password is correct, or the nickname isn't in the table, return a row. Otherwise if nickname is in the table and the password is not correct, return 0 row.
Is this possible using MySQL?
Try this:
select nickname
from users
where nickname = '$nick' and password = '$pass'
union
select '$nick' as nickname
from users AS t1
where not (nickname = '$nick' and password = '$pass') and
not exists (select 1
from users
where nickname = '$nick')
Demo here
I wanted to make this two queries into one query. The purpose of the query is to check if the credentials match in either of the table "user_credentials" or "workers". How can I do so?
SELECT user_name FROM user_credentials WHERE user_name = '$user_email'
AND password = '$user_password'
SELECT user_name FROM workers WHERE user_name = '$user_email'
AND password = '$user_password'
try this
SELECT user_name FROM user_credentials WHERE user_name = '$user_email' AND password = '$user_password'
union
SELECT user_name FROM workers WHERE user_name = '$user_email' AND password = '$user_password'
then check mysqli_num_rows or mysql_num_rows
This is my table
And this is my php query code
// Check for unique username
$quser = "SELECT user_id FROM users
WHERE (username = '$u' AND email = 'e')
";
$ruser = mysqli_query($dbc, $quser) or die("MySQL error: " . mysqli_error($dbc) . "<hr>\nQuery: $quser");
if(mysqli_num_rows($ruser) == 0 ){
//do the INSERT INTO query
$q = " INSERT INTO users (lang_id, username, pass, email, active, registration_date)
VALUES ( '$l','$u', SHA1('$p'), '$e', '$a', NOW() )
";
}else{
echo 'That email address has already been registered.';
}
When I test it by entering the duplicate email address into the HTML form (assumed that the form validation is good), it returns error as shown below:
MySQL error: Duplicate entry 'email#domain.com ' for key 3
---------------------------------------------------------
Query: SELECT user_id FROM users WHERE (username = 'dsfdsf' AND email = 'e')
And of course, the value is NOT entered into the table yet.
These are the solutions I have been trying:
1/ I removed the unique indexes for username and email, data gets inserted, but still duplicated, which i NEVER expect.
2/ I tried duplicate username, but not email, the same error returns.
The question in my head now is why does it NOT returns my customized error message as in }else{ part, but the one generated by server or so?
Can you help? Thanks
Chaging your request to
$quser = "SELECT user_id FROM users
WHERE username = '$u'
or email = '$e'
";
should do the trick.
You missed a $ at email as well as this query only returned values if both are set... so only duplicate email or duplicate username wouldn't be catched.
Maybe you can catch these kind of errors with some exception handling to avoid bad luck on timing (2 processes are inserting data at the same time).
$ruser = mysqli_query($dbc, " SELECT * user_id FROM users
WHERE username like '$u' or email like '$e' ");
in the select Query Email should be $e and not just e
try
$res=mysql_query("select * from users
where username like '$u' or email like '$e' ");
if(mysql_num_rows($res)==0)
mysql_query(" insert into users
(lang_id, username, pass, email, active,registration_date) values
('$l','$u','$p','$e','$a',NOW()) ");
else
echo "Duplicate entry";
This may be the Error
Oh the problem is that you have user_id in your table as primary and it should be not be null , even user_level cannot be NULL, hence everytime you insert a new row you should insert a value for user_id and user_level
mysql_query(" insert into users
(lang_id, username, pass, email, active,registration_date,user_id,user_level)
values('$l','$u','$p','$e','$a',NOW(),$userid,'$user_level') ");
hope this solves your problem
I am working on Zend Framework, got 1 problem in query, i want to fetch userid from tbl_user & want to check record with And in where clause
here is my query
$sql=$this->select()->from(users)->where('email = ? ', trim($email) , 'password = ?', md5(trim($password)) );
when i am printing query it prints
select * from users where email = 'test#gmail.com';
i want to print query like
select * from users where email = 'test#gmail.com' AND password='123456';
thanks in advance
You were close. You just need to call the where() method twice:
$this->select()->from(users)->where('email = ?', trim($email))
->where('password = ?', md5(trim($password)));
im using hibernate with my jsp page and mySQL ,how can i do that select * from student wher userName = *** with HQL
and how i chek if that username exist in 'Student' table ?
in my sql i use that
ResultSet resultat = statement.executeQuery();
if (resultat.next()) { ....}
i try this
Session hibernateSession = MyDB.HibernateUtil.currentSession();
hibernateSession.find("select xxx from Etudinat where p.Nom=xxxx");
its give me a list but
i have a login form send me a username and password
i want to chek if that username exist in the table Student to set the user on a session
what is the safty way to do that
I could not paste code into the comment. Try the following HQL:
from Etudinat where Nom = 'xxxx'
Even better, pass the username as a parameter.
Per OP request, code snippet based on the comments:
Query q = hibernateSession.createQuery("from Etudinat where Nom = :username");
q.setParameter("username", xxxx);
Etudinat e = q.uniqueResult();