posted 19 years ago
I have a user table that contains three columns: username, password, and fullname. The fullname will be used to greet the user. The password is hashed before put in the table. Which one is the better way:
Method 1:
The query is
If the query doesn't return a row it means the username given is wrong.
If it does, then we compare the password we get from the database with the one given by user.
OR
Method 2:
The query is
If the query doesn't return a row it means either the username or the password are wrong.
?
[ May 16, 2005: Message edited by: Yosi Hendarsjah ]