StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
15410966
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
4
CommunityOwnedDate
CreationDate
2013-03-14T13:41:14.930
FavoriteCount
0
LastActivityDate
2013-03-14T14:37:30.190
LastEditDate
2013-03-14T14:37:30.190
LastEditorUserId
1667004
OwnerUserId
1667004
ParentId
15410850
PostTypeId
2
Score
0
ViewCount
0
LastEditorDisplayName
text
Body
<code>Please help! SOS</code> Yep, you're in deep sh... But not for what you'd expect... Even if your code was operating well, you are the 5th or 6th who asks roughly the same question, riddled with <a href="http://en.wikipedia.org/wiki/SQL_injection" rel="nofollow">SQL injection</a> in a PHP login form using the deprecated mysql_ functions... And also, <code>$guery</code> is not the same as <code>$query</code>... Check for the q and g letters... This line: <pre><code>$guery = mysql_query("SELECT * FROM UserAccount WHERE email_address = '$email_address'"); </code></pre> Should be at least <pre><code>$query = mysql_query("SELECT * FROM UserAccount WHERE email_address = '".mysql_real_escape($email_address)."'"); </code></pre> to both be correct, and avoid injection... But you should really be using prepared statements through PDO, like this: <pre><code>try { //open connection, this is different than in the old functions $dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass); //***running query //**step1: create statement $stmt = $dbh->prepare('SELECT * FROM UserAccount WHERE email_address = :email'); //notice parameter prefixed with ':' //**step2: bind values (be sure to also check out the bindParameter() function too!) $stmt->bindValue(':email', $email_address); //**step3: exexcute statement $stmt->execute(); //**step4: process results $result = $stmt->fetch(PDO::FETCH_OBJ); if($result->PASSWORD==$password) { //logged in, do whatever reuqired } $dbh = null; //don't let it slip out of our hands } catch (PDOException $e) { print "Error!: " . $e->getMessage() . " "; die(); } </code></pre> Also, another word of caution: don't store plaintext passwords. Even storing MD5 hashes is out of scope these days, and SHA1 is also declared to be weak...
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POPHP login issues
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USppeterka
UserOwnerUserId
1. USppeterka
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.