login with username or email address in php

Question

I am trying to create a login with username or email

My code is:

$username=$_REQUEST[\'login\'];
$email=$_REQUEST[\'login\'];
$password=$_REQUEST[\'passw         


        

Answer 1

You are setting the same value to two variables, and then using an if/else. Both if statements are equivalent.

You need to figure out if $_REQUEST[login] contains a valid email address, and if so use the email field of the database. Otherwise, use the username field.

Also, you should not be putting variables directly into the query. Use prepared statements.