I am trying to create login. But on checking the credentials from database it is logging if any1 data is correct and other is incorrect also.
for login- name, email, mobile all are allowed.
'status' should be 'active' is an extra condition.
What am I doing wrong??
function login($username, $password) {
$where = "status='active' AND name='$username' OR email_id= '$username' OR mobile_no='$username' AND password ='trim($password)'";
$this->db->select('*');
$this->db->from('user_details');
$this->db->where($where);
//$this->db->where('password', trim($password));
$this->db->limit(1);
$query = $this->db->get();
if ($query->num_rows() == 1) {
return $query->result();
} else {
return false;
}
}