login with username or email address in php

Question

I am trying to create a login with username or email

My code is:

$username=$_REQUEST[\'login\'];
$email=$_REQUEST[\'login\'];
$password=$_REQUEST[\'passw         


        

Answer 1

$username=$_REQUEST['login'];
$email=$_REQUEST['login'];

This is wrong, you are using $_REQUEST['login'] for both email and username. Why don't you just use email?

If $_REQUEST['login'] doesn't have email address, of course this wont return you anything.

Also, both of your if statements will always execute, unless the fields are empty. right?

Take the login out, enforce the users to login with email addresses. also, take md5 of the password. who stores raw passwords these days?