Source code example for Web Database Applications
Unless otherwise stated, the source code distributed with this book can be
redistributed in source or binary form so long as an acknowledgment appears
in derived source files.
The citation should list that the code comes from Hugh E.
Williams and David Lane, "Web Database Application with PHP and MySQL"
published by O'Reilly & Associates.
This code is under copyright and cannot be included in any other book,
publication, or educational product without permission from O'Reilly &
No warranty is attached; we cannot take responsibility for errors or fitness
// Test the username and password parameters
if (!isset($username) || !isset($password))
// Get the two character salt from the
// user-name collected from the challenge
$salt = substr($username, 0, 2);
// Encrypt the password collected from
// the challenge
$crypted_password = crypt($password, $salt);
// Formulate the SQL find the user
$query = "SELECT password FROM users
WHERE user_name = '$username'
AND password = '$crypted_password'";
// Execute the query
$result = @ mysql_query ($query,
// exactly one row? then we have found the user
if (mysql_num_rows($result) != 1)