View Full Version : Log in form, almost working, just needs a bit of work, but have got stuck

06-22-2010, 11:08 AM
Hello All,

I have a php script that i use along with a flex front end. I have become a little stuck with my script thou.

The code is as follows

$hostname_conn = "localhost";
$username_conn = "";
$password_conn = "";

$conn = mysql_connect($hostname_conn, $username_conn, $password_conn);


//mysql_real_escape_string POST'ed data for security purposes
$user = mysql_real_escape_string($_POST["user"]);
$pass = mysql_real_escape_string($_POST["pass"]);

//a little more security
$code_entities_match = array('--','"','!','@','#','$','%','^','&','*','(',')','_','+','{','}','|',':','"','<','>','?','[',']','\\',';',"'",',','.','/','*','+','~','`','=');
$user = str_replace($code_entities_match, "", $user);
$pass = str_replace($code_entities_match, "", $pass);

$query = "SELECT * FROM usernames WHERE username = '$user' AND password = '$pass'";

$result = mysql_query($query);

$logged = mysql_num_rows($result);

if ($logged == 1)
echo "<status>true</status>";
echo "<status>false</status>";

My database has three fields, "username" "password" and "level"

Now at the moment my scirpt ignores the third field "level" and allows log in if their data is in the database "username" and "password". Now what i want to be able to do, is when the script returns the value <status>true</status> i would also like to return the value of the "level" field for that given user, could anyone help me out with this please?

06-22-2010, 11:35 AM
echo "<status>true</status> Your level is: ".$result['level'].".";

06-22-2010, 11:54 AM
Thank you for the reply !

ALthough one small problem, because i am feeding this back into flex, i need the output slightly different.

I need the output like this.

<level> "The RESULT OF LEVEL HERE </level>

i want just the text their, but when ever i put text inside the <level> tags, php takes any text inside at normal text, and ignores any code . . .

ANy suggestions how to get around it ?