Several things you want to check/change:
- "SELECT *" is bad, bad mojo, because when you change your database schema and add or remove a field, you're going to end up with more or less columns in your result row, some of them probably useless and just wasting memory. Always do your SELECTs specifying exactly which fields you want.
- Also, I noticed that you're using numerical indexes for fetching rows with MySQL. Also not ideal because you have to remember and work with row indexes. Instead use mysql_fetch_assoc() instead of mysql_fetch_row() so that you're returned an associative array with the column names. Example:
- Code: Select all
$result= mysql_query("SELECT user_id FROM users WHERE password='awesome'");
$row = mysql_fetch_assoc($result);
echo "Your password is correct, your user ID is: $row[user_id]";
- You should use the mysqli_* functions instead of the regular mysql_* functions. The mysqli functions are the new versions, and they'll eventually replace the old ones.
- Even better, you should use a database abstraction class like PDO or ADODB. But keep it simple for now, you can change this later.