I have a user password system where I need to 1) check a user

Question

0

Asked: May 27, 20262026-05-27T21:32:43+00:00 2026-05-27T21:32:43+00:00

I have a user password system where I need to 1) check a user

0

I have a user password system where I need to 1) check a user password against two potential passwords stored in the database and 2) if a match is found make sure the user email matches the user email stored in the row that had the matching password.

This the current mysql I have to pull the unique user on login:

$sql = "SELECT * FROM users WHERE email='$u' AND password='$p' OR password_two='$p'";

This works in the vast majority of cases but fails when multiple users have the same passwords – for example if multiple users have the password ‘123456’. I’m assuming this is because the AND OR setup I have above is incorrect.

I’m updated the sql query to the statement below:

$sql = "SELECT * FROM (SELECT * FROM users WHERE password='$p' OR password_two='$p') WHERE email = '$u' ";

This query doesn’t work for any users – Can someone help me identify where the query is going wrong?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T21:32:44+00:00

Editorial Team

2026-05-27T21:32:44+00:00Added an answer on May 27, 2026 at 9:32 pm

If I understand the question correctly, you’re looking for:

$sql = "SELECT * FROM users WHERE email='$u' AND (password='$p' OR password_two='$p')";

Without the parenthesis, it’s interpreted as:

$sql = "SELECT * FROM users WHERE (email='$u' AND password='$p') OR (password_two='$p')";

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a user password system where I need to 1) check a user

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply