Login condition with user or email in the same field

Question

Login condition with user or email in the same field

Navigation

#1 by (4 votes)
#2 by (2 votes)
#3 by (0 votes)
#4 by (0 votes)

5

I am creating a system for schools, where the teacher, when registering, inserts data such as name, email, user and password. So far the teacher can log in with email, but I wish I could login with the name too (I made changes but this is giving error because I do not know how to create the condition).

LOGIN PAGE:

<form method="post" action="login2.php">

  <div id="pagina">
  <p align="left">Digite seu Email:
  <input type="text" name="login" id="login"  value="" />
</p>

  <p>Digite sua senha:
  <input type="password" name="senha" id="senha" />

  </p>
  </p>
  <p>
  <input type="submit" class="tooltip-inner" value="Fazer Login" />
  <div id="erro">
  <?php echo isset($_REQUEST["erro"]) ? $_REQUEST["erro"]: ""?>
  </div>
  <a href="recuperacao.php">Esqueceu sua senha?</a>
  </p>
  <p>Não tem uma Conta?<a href="cadastro.php">Criar usuario. </a></p>
  <p>

  </p></form>

LOGIN CONFIRMATION PAGE:

    <?php
include "CONEXAO.php";

 $login= $_REQUEST["login"];
 $senha = $_REQUEST["senha"];

 $sql = "select * from professor where login= :email ou login= :usuario and senha= :senha";

 $result = $conexao->prepare($sql);
 $result ->bindValue(":email", $email);
$result ->bindValue(":usuario", $usuario);
 $result ->bindValue(":senha", $senha);
 $result ->execute();

 $qtde = $result->rowCount();

 if ($qtde ==1)
 {
     session_start();
     $linha = $result->fetch(PDO::FETCH_ASSOC);
     $_SESSION["cod.professor"] = $linha ["cod.professor"];
     $_SESSION["nome"] = $linha ["nome"];

     header("location: perfil.php");
 }
 else
 {
     header("location: login.php?erro=E-mail ou senha invalidos.");
 }

?>

php mysql email login

asked by anonymous 09.05.2018 / 15:45

4 answers

Concept of deadlock in Java What is Feature Driven Development (FDD)?

score 4 · Answer 1

When you have more than one valid condition, you usually use OR , but you have to be careful about grouping:

SELECT * FROM professores WHERE (:login=email OR :login=usuario) AND senha= :senha;

Without the parentheses you can have serious problems on one side of the OR validate only by the login, without considering a password when the user is not provided:

SELECT * FROM professores WHERE :login=email OR :login=usuario AND senha= :senha;
--                              ^^^^^^^^^^^^
--                                    | Se isso for verdadeiro, o resto das condições
--                                    | acaba sendo ignorado e a pessoa loga sem senha

The simplest way:

The simplest is to use IN , and this is true for as many fields as you want:

SELECT * FROM professores WHERE :login IN (email, usuario) AND senha= :senha

Regardless of what was asked, storing the password in the DB is always a bad idea. See more links below:

How to do encrypted password queries in the database?

How to safely have password hash?

score 2 · Answer 2

In your query try to do it this way

$sql = "select * from professor where (login= :email or login= :usuario) and senha= :senha";

There is no condition OU the condition you should use is OR

score 0 · Answer 3

First, you must specify which fields in your teachers table corresponds to the email and login field. So the query should be

$sql = "select * from professor where login= :login or email= :login and senha= :senha";

As I'm not very familiar with : to represent a value, in the form of a variable, it would look like this:

$sql = "select * from professor where login='$login' or email='$login' and senha= $'senha'";

login or should be the search condition of the two fields because you used the variable there above to request the input information and stored in this variable:

$login= $_REQUEST["login"];

score 0 · Answer 4

I was able to solve the errors that were the variables in the result, the code looks like this:

$login = $_REQUEST["login"];
 $senha = $_REQUEST["senha"];

 $sql = "select * from professores where (email= :login or usuario= :login) and senha= :senha";

 $result = $conexao->prepare($sql);
 $result ->bindValue(":login", $login);
 $result ->bindValue(":senha", $senha);
 $result ->execute();

Thank you