Home/ Questions/Q 9304245
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-18T23:39:58+00:00

I am completely new to MYSQL and PHP, so i just need to do

  • 0

I am completely new to MYSQL and PHP, so i just need to do something very basic.
I need to select a password from accounts where username = $_POST['username']… i couldn’t figure this one out, i keep getting resource id(2) instead of the desired password for the entered account. I need to pass that mysql through a mysql query function and save the returned value in the variable $realpassword. Thanks!

EDIT:
this code returned Resource id (2) instead of the real password
CODE:

<?php
$con = mysql_connect('server', 'user', 'pass'); 
if (!$con) 
{ 
    die('Could not connect: ' . mysql_error()); 
} 
echo '<br/> '; 

// Create table
mysql_select_db("dbname", $con);

//Variables

//save the entered values

$enteredusername = $_POST['username'];
$hashedpassword = sha1($_POST['password']);

$sql = "SELECT password from accounts where username = '$enteredusername'";

$new = mysql_query($sql,$con);

echo "$new";


if (!mysql_query($sql,$con))
{
  die('Error: ' . mysql_error());
}



mysql_close($con);

?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I think your code looks something like this

    $realpassword = mysql_query("SELECT password 
     from accounts where username = '$_POST[username]'");
echo $realpassword;

    This will return a Resource which is used to point to the records in the database. What you then need to do is fetch the row where the resource is pointing. So, you do this (Note that I am going to use structural MySQLi instead of MySQL, because MySQL is deprecated now.)

    $connection = mysqli_connect("localhost", "your_mysql_username", 
    "your_mysql_password", "your_mysql_database") 
    or die("There was an error");
foreach($_POST as $key=>$val) //this code will sanitize your inputs.
    $_POST[$key] = mysqli_real_escape_string($connection, $val);
$result = mysqli_query($connection, "what_ever_my_query_is") 
    or die("There was an error");
//since you should only get one row here, I'm not going to loop over the result.
//However, if you are getting more than one rows, you might have to loop.
$dataRow = mysqli_fetch_array($result);
$realpassword = $dataRow['password'];
echo $realpassword;

    So, this will take care of retrieving the password. But then you have more inherent problems. You are not sanitizing your inputs, and probably not even storing the hashed password in the database. If you are starting out in PHP and MySQL, you should really look into these things.

    Edit : If you are only looking to create a login system, then you don’t need to retrieve the password from the database. The query is pretty simple in that case.

    $pass = sha1($_POST['Password']);
$selQ = "select * from accounts 
    where username = '$_POST[Username]' 
    and password = '$pass'";
$result = mysqli_query($connection, $selQ);
if(mysqli_num_rows($result) == 1) {
    //log the user in
}
else {
    //authentication failed
}

    Logically speaking, the only way the user can log in is if the username and password both match. So, there will only be exactly 1 row for the username and password. That’s exactly what we are checking here.

    • 0