Logo Questions Linux Laravel Mysql Ubuntu Git Menu

How to check username and password case sensitive?





I made a login check script that checks if username and password match an account that is set in the database. All works fine but it isn't case sensitive which it really should be! What can I do to make this script also check for uppercase/lowercase? For example: I have an account with username: AdMin password: My43sGG. If I would enter admin and my43sgg in the login fields it would also work.

my script:


// connect to the database

// username and password sent from form 

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM " .$members. " WHERE username='$myusername' and password='$mypassword'";

// Mysql_num_row is counting table row

// If result matched $myusername and $mypassword, table row must be 1 row

// Register $myusername, $mypassword and redirect to file "login_success.php"
else {
like image 493
Frank Kluytmans Avatar asked Mar 23 '23 22:03

Frank Kluytmans

1 Answers


WHERE BINARY username = BINARY '$myusername' AND
      BINARY password = BINARY '$mypassword'
  • SQLFiddle Demo

As a sidenote, the query is vulnerable with SQL Injection if the value(s) of the variables came from the outside. Please take a look at the article below to learn how to prevent from it. By using PreparedStatements you can get rid of using single quotes around values.

  • How to prevent SQL injection in PHP?
like image 173
John Woo Avatar answered Apr 01 '23 10:04

John Woo