[User Login and Registration] Can't check if username exists
Posted: Tue Jun 21, 2011 11:30 am
So I've been following your tutorial, and everything seems to work, errors and verifying, except for the preventing of more then one of the same username.
<?php
error_reporting(1);
// checks if username is taken
function user_exists($user){
$user = mysql_real_escape_string($user);
$total = mysql_query("SELECT COUNT('id') FROM 'users' WHERE 'username' = '{$user}'");
return (mysql_result($total, 0) == '1') ? true : false;
}
// checks if username & pass are valid
function valid_credientials($user, $pass){
$user = mysql_real_escape_string($user);
$pass = sha1($pass);
$total = mysql_query("SELECT COUNT('id') FROM 'users' WHERE 'username' = '{$user}' AND 'password' = '{$pass}'");
return (mysql_result($total, 0) == '1') ? true : false;
}
// adds new user & pass to database
function add_user($user, $pass, $realname, $email){
$user = mysql_real_escape_string(htmlentities($user));
$pass = sha1($pass);
$realname = mysql_real_escape_string(htmlentities($realname));
$email = mysql_real_escape_string(htmlentities($email));
mysql_query("INSERT INTO users (username, password, realname, email) VALUES ('$user', '$pass', '$realname', '$email')") or die(mysql_error());
}
?>
This always gives me an error, when asked to check for the username.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users' WHERE 'username' = 'dmillerw'' at line 1
SELECT COUNT('id') FROM 'users' WHERE 'username' = '{$user}'
What am I missing?