kbrink43 - 4:37 pm on Mar 23, 2011 (gmt 0)

First of all, great site and community ya'll have here. I have learned quite a bit in the past few weeks. I have come across something that has stumped me and I have no idea how to figure it out. By no means am I fluent in PHP, but I have dabbled with the code.

What this basically does is let a customer enter their account number. Once they enter it, it will search a table and return the account number and a temporary password. The account number ranges from all numbers, ie 91234124 to 22-12341 or 542-123456 etc... If a customer enters something other than a number, then I'd like it to return the message "Does not start with a number." If it can't find it in the database then, the message "It does not exist." I have gotten the numbers to work correctly, but whenever I try to enter an account number with a dash, it brings up the message that it doesn't exist. I think it has something to do with the preg_match. Also if I change the wording from = to LIKE in the $sql statement, i receive the a totally different account number and password than the one that is entered.

Can anybody help out with this? Thanks so much in advance!

<?php

if(isset($_POST['submit'])){
if(isset($_GET['go'])){
if(preg_match("/^[0-9]+/", $_POST['name'])){

$name=$_POST['name'];
$db=mysql_connect ("localhost", "----", "----") or die ('I cannot connect to the database because: ' . mysql_error());
$mydb=mysql_select_db("----");
$sql="SELECT acct, pw FROM `ouc` WHERE acct = $name";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
$acct =$row['acct'];
$pw =$row['pw'];

if(empty($acct)){
echo "<div class='cbb red'><p><strong>This account number does not exist in our database, please enter the number exactly as it is printed on your bill. If you believe you have reached this message in error, please call us at ----- or email us at -----.</strong></p></div>";
}
else{
echo "<div class='cbb green'><ul>\n";
echo "<li>" . "Account ID - " .$acct . "</a></li>\n";
echo "<li>" . "Temporary Password - " .$pw . "</a></li>\n";
echo "</ul></div>";
echo "<div class='cbb gray'>Please write down your password as this will be the <strong>ONLY</strong> opportunity you have, then click below to validate and claim your account information. Once validated you will be able to log in, however you will <strong>NOT</strong> be able to use this screen again to find out your temporary password, so make sure you write it down.";
echo "<br><br>";
echo "<center><a href='-----.php?id=".$acct."'><img src='-----' border='0'></a></center><br/></div>";
}
}
else{
echo "<div class='cbb red'><p><strong>Your account id must start with a number.</strong></p></div>";
}
}
}
?>