Problem On Creating an online games with PHP
I have a small problem concerning with the PHP. I am currently in the process of creating an online game with my colleague and I have a small problem for the registration page.
The problem is that I always returned the correct user name and message saying I am not registered (provisional message) = damage
following is the code:
PHP Code:
<? php
session_start ();
require zone_membres_conf.php;
/ / Database connection
mysql_connect ($ mysql_host, $ mysql_login, $ mysql_password) OR die ( <p> connect to the database. Please try again later. </ p>);
mysql_select_db ($ mysql_base) OR die ( Could not select <p> the basis </ p>);
$ request_pseudo = mysql_query ( 'SELECT FOR pseudo members WHERE username ='. $ _POST [ 'form_login'].'');
$ request_mdp = mysql_query ( 'SELECT pass for members');
$ request_style = mysql_query ( 'SELECT style for members');
$ pseudo_login = mysql_query ( 'SELECT username, password, style for members');
$ aff_style = mysql_query ( 'SELECT style for members');
if (isset ($ _POST [ 'form_login']) AND isset ($ _POST [ 'choice']) AND isset ($ _POST [ 'form_passe']))
(
if ($ _POST [ 'form_login']! = NULL AND $ _POST [ 'choice']! = NULL AND $ _POST [ 'form_passe']! = NULL)
(
if (($ _POST [ 'form_login'])! == ($ requete_pseudo))
(
echo 'damage';
)
else
(
echo 'hello. $ _POST' [' form_login '];
)
else
echo 'Your connection to fail, maybe you don \' have not filled all the fields';
)
else
echo 'your connection has failed for some unknown reason later';
)
Re: Problem On Creating an online games with PHP
Hi,
- The lack mysql_fetch_array (or mysql_fetch_row)
- you will find all the mdp / style and login to your base, without filter in relation to pseudo returned
- The only complaint you or filter, you will not protect your bases (replace $ _POST'mavar '] by mysql_real_escape_string ($ _POST [' myvar]))
Re: Problem On Creating an online games with PHP
Code:
* The lack mysql_fetch_array (or mysql_fetch_row)
* you will find all the mdp / style and login to your base, without filter in relation to pseudo returned
* The only complaint you or filter, you will not protect your bases (replace $ _POST'mavar '] by mysql_real_escape_string ($ _POST [' myvar]))
Thank you for your answer.
I am a beginner and I understand not all:
What is mysql_real_escape_string?
And I try to use mysql_fetch_array it does not work at all.
