Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Basically, I’ve changed something in my php login code and now when I log in, the MySQL requires that the case matches?!
$match = "select * from users where username = '".$username."' and password = '".$password."';";
echo $match;
If my username’s CaSe doesn’t match the database then it doesn’t return any rows.
If a user registers as ADMIN then I want them to be able to log in as “admin” or “AdMiN” etc. any ideas?
Many thanks 🙂
The collation for that column has changed, I guess. See this MySQL page about case sensitivity in string comparison to learn more. To insulate yourself from problems like that, something like:
is the usual trick. As others have observed, though, understanding how collation works in the database and using it appropriately is the best solution. Getting the database collation right and relying on it should allow the database to use any index on the username column, rather than scanning the table.
And also make sure that you’re avoiding SQL injection attacks — what happens in your current code if a user enters a username containing a single quote?
You may also want to consider what characters you’ll allow as usernames, and what character set you’re using — is “René” a valid username? Will it successfully pass from your front-end, through the database and back out unmolested by character set problems? Joel Spolsky’s excellent article on Unicode is probably worth a read at some point.