php mysql username variable contains two values

Question

I am wondering if we could have one variable equals two string values? I made a login form which is not required username, only requires password. if the password matches, then it displays the the right person name. I fully understand this is not a right way or a secure way to do login form, but this form will only internally for 5 people use.

inside the php file, I set the $username = "PersonName"; the form only requires password, if the password is correct, this person could login and the name "PersonName1" on the page. I use mysql

$result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password_encrypt '");

If I want to add another PersonName2 can I have $username="PersonName1" || $username = "PersonName2";

or if someone could give me some ideas? Many thanks

Answer 1

Yes, use the OR operand in your SQL query:

SELECT * FROM users WHERE (username='$username' OR username='$username2') AND password='$password_encrypt '

Answer 2

You can also use the IN clause:

SELECT * 
FROM users 
WHERE username IN ('$username', '$username2')
    AND password='$password_encrypt'

Answer 3

Its possible to check for X OR Y in mysql, just make sure you use parenthesis to separate your conditions.

SELECT * FROM users WHERE (username='$firstName' || username='$secondName') AND password='$password_encrypt '

Answer 4

OR is available to use in MYSQL

   SELECT * FROM users WHERE (username='$username' OR username='$username2') AND password='$password_encrypt '

Answer 5

If the user doesn't require a username then in the SQL query just search for a matching password, then using PHP you can

while($user = mysql_fetch_assoc($result)){ /* check for a good username?? */ }

Also, mysql_* has been deprecated, research MySQLi or PDO for best practices.