|
Mysql Data Retrieval
hey guys, i have a quick question... im trying to get into databasing with php and wrote this piece of code
PHP Code:
<?php
//set variables
$user = $_POST[UserName];
$pass = $_POST[Password];
$flag = 0;
//checks if variables are set and passed correctly
echo "$user " . $pass;
// Begins mysql connection
$con = mysql_connect("localhost","root","polerty");
if (!$con) { //if could not connect
die ("Connection Error: " . mysql_error());//kill script and display error
} else { //if connection succesful, display connection succesful
echo "<br>connection successful";
}
mysql_select_db("users",$con); // Selects the Database we're working with and connects using var con
$results = mysql_query("SELECT Usernames FROM members"); //sets var results to the mysql query command
/* the while loop continues while it is set true (while there are rows to fetch) the rows get set to
an array called var users and can be called by the name of array and the name of the column/index
ie. (array[columnName]) */
while($users = mysql_fetch_array($results))
{
//if the var user (the users input) equals the fetched array (the stored information)
if ($user == $users['Usernames'])
{
$flag=1;//then set the flag to one
}
}
// if the flag is set to 1, then display error message along with the form
if ($flag == 1){
echo "Username already taken <br>";
include("index.html");
//if its not set to 1, then store the users input into the database
} else {
//if theres an error while trying to add the username and password to the database, then display it
if(!mysql_query("INSERT INTO members (Usernames, Passwords) VALUES ('$user','$pass')"))
echo mysql_error();
}
mysql_close($con); // close mysql connection
?>
i know its long im sry.. im new to this and i don't know which parts you guys need to see but i was looking around and stumbled on this piece of code
PHP Code:
$result=mysql_query("select * from users
where username='" . $_SESSION['username'] . "' and password='" . $_SESSION['password'] . "'");
// retrieve number of rows resulted
$num=mysql_num_rows($result);
// print login form and exit if failed.
if($num < 1){
echo "You are not authenticated. Please login.<br><br>
<form method=POST action=index.php>
username: <input type=text name=\"username\">
password: <input type=password name=\"password\">
<input type=submit>
</form>";
exit;
}
my question is, which script would be more efficient? the one that checks the tables to see if its in the listing or the one that uses the mysql check. any pros and cons?
|
