I have a user table that contains three columns: username, password, and fullname. The fullname will be used to greet the user. The password is hashed before put in the table. Which one is the better way:
Method 1: The query is If the query doesn't return a row it means the username given is wrong. If it does, then we compare the password we get from the database with the one given by user.
OR
Method 2: The query is If the query doesn't return a row it means either the username or the password are wrong.