I have a site which has two type of users, doctor and patient. I store the information about these two types of users in two different tables. When a user is logging in, I want check if the login name submitted by the user exists in the first table (ex: patient) or in the second table (ex: doctor). How I can do this?
Below is part of my code containing the SELECT statement that I have written:
$query =
"SELECT username, password
FROM patient
WHERE username='$username' AND password='$password'";
I'm currently SELECT
ing from the patient table, but I want to know how to SELECT
both from the patient table and the doctor table.
Can you help me please?
You can do this using MySQL's UNION()
function.
$query = "SELECT username, password
FROM table_1
WHERE username='$username' AND password='$password'
UNION
SELECT username, password
FROM table_2
WHERE username='$username' AND password='$password'";
Nota: String variables must be wrapped in quotes.
I must point out though, that this method is open to SQL injection and I hope you are not storing passwords in plain text.
If you are storing passwords in plain text, it is highly discouraged and is prone to your site being compromised.
It is recommended to use CRYPT_BLOWFISH or PHP 5.5's password_hash()
function.
For PHP < 5.5 use the password_hash() compatibility pack
.
Plus, in regards to SQL injection, use mysqli
with prepared statements , or PDO with prepared statements , they're much safer .
您的DBMS是否支持UNION语句?
$query = "SELECT username,password FROM patient WHERE username='$username' AND password='$password' UNION SELECT username,password FROM othertable WHERE username='$username' AND password='$password";
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.