Can't match variable from FORM with MYSQL record in PHP

Question

Good evening,

I have a problem with my login code. I've created form that I take variables from into my php code(that part works well). Then I created php login code where I'm trying to match password by entered login. But even when I enter login and the right password I still get else . Here is the code:

<?php

$login=$_POST["loginas"];
$password=$_POST["passwordas"];

//connect to mysql
$rysys = new mysqli('localhost', 'root','','testas');
//are we connected?
if($rysys->connect_error){
    die("Neprisijungeme, nes: " . $rysys->connect_error);
}

//the query
$sql = "SELECT password FROM vartotojai WHERE login='$login'";
$rezultatas=$rysys->query($sql);
if($password == $rezultatas){
    echo "Prisijungeme \n";
}
    else{
        echo "Neteisingas slaptazodis arba prisijungimo vardas\n";
    }


?>

Explanation: $login I get it from my form $password I get it from my form I have database 'testas' , that has 'vartotojai' table. And vartotojai table has 'password' and 'login' Login and password that I enter is 100% like in database.

Answer 1

The query function doesn't return your password field as a string, please read the documentation:

http://php.net/manual/en/mysqli.query.php

Your check will therefore always be false. Correct use of the function would be the following:

if($password == $rezultatas["password"]){

Answer 2

I found a solution on myself. I added one more line:

$rez=$rezultatas->fetch_assoc(); Ths line helped me to create a assoc array from results I got from query.

if($password == $rez["password"] And here I just used assoc array to check if it's good.

@odedta , You're right. Finding answers to your problems on your own is more useful. But to get advices from people that are way better than me is good way to learn as well.