php mysql login error

Question

this is my php script for reading a user details in my table, i wonder why it returns "No user found " message when executing in postman. could u please help me in findinhg the solution for this.

h dont know whether what am i doing now is correct or not, please do guide me in a right way

    if ((isset($_POST["username"])) && (isset($_POST["password"]))) 
       {
    $username = $_POST['username'];
    $password = $_POST['password'];

    // get a user from register table
$result = mysql_query("SELECT *FROM register WHERE username = $username AND    password = $password");
if (!empty($result)) {
    // check for empty result
    if (mysql_num_rows($result) > 0) {

        $result = mysql_fetch_array($result);

        $user = array();
        $user["id"] = $result["id"];
        $user["username"] = $result["username"];
        $user["name"] = $result["name"];
        $user["email"] = $result["email"];
        $user["password"] = $result["password"];
        $user["bike_name"] = $result["bike_name"];              
        $user["bike_no"] = $result["bike_no"];
        // success
        $response["success"] = 1;
        $response["message"] = "Logged in as".$user["username"];
        // user node
        $response["user"] = array();

        array_push($response["user"], $user);

        // echoing JSON response
        echo json_encode($response);
    } else {
        // no user found
        $response["success"] = 0;
        $response["message"] = "No User found";

        // echo no users JSON
        echo json_encode($response);
    }
} else {
    // no user found
    $response["success"] = 0;
    $response["message"] = "No user found";

     echo json_encode($response);
      }
    } else {
      // required field is missing
    $response["success"] = 0;
     $response["message"] = "Required field(s) is missing";

      // echoing JSON response
       echo json_encode($response);
      }
    ?>

First give a space between * and **from** in your query. You had given like this **SELECT *FROM**. It should be **SELECT * FROM** — Ganesh Radhakrishnan, Feb 10 '17 at 18:11
Did you check whether you're getting correct values in `$username` and `$password` or not? — Rajdeep Paul, Feb 10 '17 at 18:13
You're wide open for SQL injection, and your variables need to be quoted. mysql_* functions are removed in PHP7 and deprecated in previous versions because they are horribly insecure and open to SQL injection. Switch to [PDO](https://secure.php.net/manual/en/pdo.prepared-statements.php) or [mysqli](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php), and take advantage of prepared statements so you don't have to worry about quoting your variables. — aynber, Feb 10 '17 at 18:13
http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php — Ganesh Radhakrishnan, Feb 10 '17 at 18:15

php mysql login error

0 Answers0