Home/ Questions/Q 692189
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-14T02:37:30+00:00

I tried this so far: <?php $error = ; $conn = pg_connect(host=localhost dbname=brittains_db user=brittains

  • 0

I tried this so far:

<?php

$error = "";

$conn = pg_connect("host=localhost dbname=brittains_db user=brittains password=XXXX" );

$sql = "SELECT * FROM logins";
$result = pg_query($conn, $sql);

if($_SERVER["REQUEST_METHOD"] == "GET") {
    $userName="";
    $password="";
}

else if($_SERVER["REQUEST_METHOD"] == "POST") {

    $userName=trim($_POST["userNameLogin"]);
    $password=trim($_POST["passwordLogin"]);

    if(pg_fetch_result($results, $userName, "userName")==true 
       && pg_fetch_result($results, $password, "userName")==true) {
        setcookie("userIDforDV", $userName, time()+43200);
    }
    else {
        $error = "Your username and or password is incorrect";
    }

}

$userName = $_COOKIE['userIDforDV'];

if(isset($userName) && $userName!="") {
    echo "Welcome " . $userName;
}

echo $error;

?>

<form action="<?php echo $_SERVER['PHP_SELF'];  ?>" method="post">
    <table>
        <tr>
            <td class="signupTd">
                User Name:&nbsp;
            </td>
            <td>
                <input type="text" name="userNameLogin" value="" size="20" />
            </td>
        </tr>
        <tr>
            <td class="signupTd">
                Password:&nbsp;
            </td>
            <td>
                <input type="password" name="passwordLogin" value="" size="20" />
            </td>
        </tr>
        <tr>
            <td class="signupTd" colspan="2">
                <input type="submit" name="submit" value="Submit"/>
            </td>
        </tr>
    </table>
</form>

That was the idea I came up with… but its probably a really bad idea and it doesn’t work… how might I go about this properly? I need really detailed descriptions please.

By the way, my SQL is:

CREATE TABLE logins(
    userName VARCHAR(25) NOT NULL PRIMARY KEY,
    password VARCHAR(25) NOT NULL,
    firstName VARCHAR NOT NULL,
    lastName VARCHAR NOT NULL,
    ageDay INTEGER NOT NULL,
    ageMonth INTEGER NOT NULL,
    ageYear INTEGER NOT NULL,
    email VARCHAR(255) NOT NULL,
    createDate DATE
);

and my registration form has already been made and is working and I do have users in my database, they just can’t login.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    check http://php.net/manual/en/function.pg-fetch-result.php ‘s comments.
    edit :
    password should be varchar(32) and use md5 passwords (or even better 64 and use sha1).
    also I’m not familiar with pgSQL in general, however IMO the correct way would be to use an sql query to check instead of using pg_fetch_result.

    $query = "SELECT * FROM logins WHERE userName = '$userName' AND password = md5('$password');";
$result = pg_query($conn, $query);
if(pg_num_rows($result) != 1) {
    // do error stuff
} else {
    // user logged in
}
    • 0