This question already has an answer here:
Closed 10 years ago.
Possible Duplicate:
PHP PDO Username Availability Checker
I have a php script that checks the availability of a username (if it's taken already or not). But I want to compare the username typed in by the user and the usernames in the database in lowercase. I already put the input in lowercase, but how do I make the retrieved column in lower case. Here's the php script
<?php
$usr = strtolower($_GET['username']);
$link = new PDO('mysql:host=***;dbname=***;charset=UTF-8','***','***');
$usr_check = $link->prepare("SELECT * FROM Conference WHERE Username = :usr");
$usr_check->bindParam(':usr', $usr);
$usr_check->execute();
if($usr_check->rowCount()>0)
echo "false";
else
echo "true";
?>
How do i set the username column to lowercase, then compare it to $usr? Thanks
please try
SELECT * FROM Conference WHERE LOWER(Username) = :usr
http://www.sqlinfo.net/mysql/mysql_function_upper_lower.php
ok as you said on the comment below I recommend you to do the following.
convert your result into lowercase http://sqlfiddle.com/#!2/bd50e/1
convert your comparison string to the table into lowercase by using strtolower
now compare the results
You could use
SELECT * FROM Conference WHERE LOWER(Username) = :usr
as the query, but that would cost you the benefit of an index.
However, the comparison should be case insensitive anyways if the column uses a "ci" collation.
If you want to convert string to lower in MySQL use LOWER(str) function.
Related
include("src/database.php");#this included file works wll
$query=mysqli_query($conn,"SELECT * FROM students limit 1");
$data=mysqli_fetch_assoc($query);
echo "my hased data id ".$data["password"]." and Actual password is 12345678 <br />";
if(password_verify("12345678",$data["password"])){
echo "Finally this worked";
}else{
echo "THIS ALWAYS EXECUTES";
}
#now i cannot hardcode the data it sees it as a varaible inside of a string since it contains multiple $s
#this is the hashed data $2y$10$S/HjSwqh8QIjc
Another problem is that I can't hardcode the value into a variable. It conatins multiple $s so it sees them as another variable in a string. What should I do about this?
As you said in the comments you store the password in a column with a mac length of 10. If you read the documentation of the password_hash function you will see the column length need to be at least 72 characters long.
So changing the max length of your column will probably solve your problem
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
How can I accept a hash mark in a URL via $_GET?
(4 answers)
Closed 4 years ago.
I have this website where users can enter stable names to compete in games against other members. Usually it's fine as I can just escape or use addslashes to handle apostrophes and other such characters. What I am having an issue with is when users use a hash/pound/number sign in the stable name like the first example below or a bunch of special characters like the second example below...
#a new rising
ΔMi−1 = −αΣn=1NDi[n][Σj∈C{i}Fji[n - 1] + Fexti[[n-1]]
When this goes over as part of a url to a second page and the stable is a appended to the URL to be used as a GET variable to pull details from the database, nothing is returned. I have tried using urlencode, rawurlencode, and percent encoding on the $stable variable as is suggested in other questions on this site but nothing seems to work. Below is a sample of the code that has the issue...
Referring URL --- mydomain.com/stable.php?stable=#a new rising&season=59
Code for stable.php...
$stable = addslashes($_GET["stable"]);
$season = $_GET['season'];
echo $stable;
$sql = "SELECT total, wins, loss, ties FROM History_Stables WHERE stable = '$stable' AND season = '$season'";
$res = $link->query($sql);
$arr = $res->fetch_array();
$pts = $arr[total];
$w = $arr[wins];
$l = $arr[loss];
$t = $arr[ties];
And so on. What exactly am I missing here to get the hash/pound/number sign to be properly encoded as %23?
This question already has answers here:
Accessing random rows from database without repetition
(2 answers)
Closed 4 years ago.
from the past few days i have had this problem with a quiz scenario in created as part of my project. i wanted random questions to be asked but when i use the rand() function , the questions are being repeated. also i figured out that since its being done on the same page and every time the page refreshes, the random number is again selected thereby leading to this flaw! so i considered storing the value of the last random que_id in a session and generating a query like so:
enter code here <?php session_start();$jsqla=mysql_query("select que_id from mst_que");$jfeta=mysql_fetch_assoc($jsqla);session_start();$id=array($jfeta['id$_SESSION['id'][] = $id;$rs=mysql_query("SELECT * FROM `mst_que` WHERE que_id NOTIN ('id') ORDER BY RAND() ")
Please help me in this. I just want to create a session array where i want to store the previously generated random number and use it in query so that it is not repeated again. please
Store it in a variable and unset it from the array of questions:
function get_question($questions)
{
$question = rand($questions);
$questionKey = array_search($question, $questions);
unset($questions[$questionKey]);
return $question;
}
Try creating an array and then assign it to any session variable, for example:
$quizQuestions[] = $questionId;
$_SESSION['question'] = $quizQuestions;
In case you want to update the value, simply fetch it and assign new value and update it in the same variable again:
$quizQuestions = $_SESSION['question'];
$quizQuestions[] = $questionId;
$_SESSION['question'] = $quizQuestions;
Make sure that you have a session started first, add the following code to the very start of this script:
if(!isset($_SESSION)) {
session_start();
}
This question already has answers here:
How to check if a row exists in MySQL? (i.e. check if username or email exists in MySQL)
(4 answers)
Closed 6 years ago.
I am modifying a web application that was built in PHP by another developer. Currently, if the user fills out a form and enters a username that is already being used, it displays the MySQL error Duplicate entry 'fred' for key 'username' on a new page. I want to make it so that an error message is displayed on the same page, so I'm trying to check if the username entered matches another username in the table, but I cannot get it to work. Any thoughts?
$username_entry = ($_POST['username']);
$username_match = mysql_query("SELECT * FROM business WHERE username='$username_entry'");
if (($_POST['username']) == $username_match ) {
// do something
}
first of all you're not returning anything from your query to check against. I query the db to see if any rows return with that username. $cnt is the number of rows so if that is greater than zero you have a duplicate.
$username_entry = ($_POST['username']);
$username_match = mysql_query("SELECT count(*) FROM business WHERE username='$username_entry'");
$cnt = mysql_num_rows($username_match);
if (($cnt > 0 ) {
// do something
}
I need to save a list of blocked words in mysql database and use my below code to block some words or phone numbers... Please help with a little example.
Thanks
$blocked_words=array("word1" ,"word2","word3");
$string_words=explode(" ", $_POST['text']);
$phone_words=explode(" ", $_POST['phone']);
$result = array_intersect($blocked_words, $string_words);
$result_phone = array_intersect($blocked_words, $phone_words);
You can generate an array from the blocked_words table and use it like above code you mentioned,
Or
May be what you think you want is something similar to
"SELECT word FROM blocked_words WHERE word == $Phone_num"
and check whether row count is 0 or not for determining whether it is blocked word?
I think i was not able to explain, but i have completed my requirement from one of a stackoverflow answers from another post
here is what i was required
$blocked_words=array();
$q="select words from blocked";
$rs=mysql_query($q);
while($rd=mysql_fetch_object($rs))
{
$blocked_words[]=$rd->words;
}
by this i got all words from table 'blocked' into $blocked_words, now i can use it further
Thanks