very simple login script (checking 2 variables before writing cookie)

Thread Solved
1 2

Join Date: Oct 2006
Posts: 215
Reputation: MaxMumford is an unknown quantity at this point 
Solved Threads: 2
MaxMumford's Avatar
MaxMumford MaxMumford is offline Offline
Posting Whiz in Training

very simple login script (checking 2 variables before writing cookie)

 
0
  #1
Jun 26th, 2008
Hi all,

I have just put together a simple log in script from various tutorials on the web and at the moment it is only checking the username entered by the user against what is in my database.
I cant find any infromation about any kind of AND function or any other check the password as well as the username so thats what i need help with

here is what i have already:

PHP Syntax (Toggle Plain Text) 
  1. <?php
  2. // Connects to your Database
  3. mysql_connect("", "", "") or die(mysql_error());
  4. mysql_select_db("") or die(mysql_error());;
  5.  
  6. $uname = $_POST['uname'];
  7. $pword = $_POST['pword'];
  8. //gets username and password from uname and pword fields on previous page
  9.  
  10. $result = mysql_query("SELECT * FROM logins WHERE uname='$uname'");
  11.  
  12. if($row = mysql_fetch_array($result))
  13.   {
  14.   setcookie("loggedin", "$uname", time()+3600);
  15.   echo "logged in as: ";
  16.   echo $row['uname'];
  17.   echo "<br />and cookie written.";
  18.   echo "<br />";
  19.   echo 'click <a href="cookie.php">here</a> to view cookie information.<br/><a href="login.php">Back to login page.</a>';
  20.   }
  21. else
  22. {
  23. echo "wrong login information";
  24. }
  25. ?>

Thanks guyyys

Max
| IPCopy |
The only google chrome extension that lets you copy your IP to the clipboard with one click.
https://chrome.google.com/extensions...ogchjmmgjjfola
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,233
Reputation: kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about 
Solved Threads: 169
kkeith29's Avatar
kkeith29 kkeith29 is offline Offline
Nearly a Posting Virtuoso

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #2
Jun 26th, 2008
make sure sanatize your inputs to protect against sql injection.

as for the login, just change your query to:

PHP Syntax (Toggle Plain Text) 
  1. SELECT * FROM logins WHERE uname='$uname' AND password='$pword'

also, a better way to do a login script is to see the number of results returned from the query.

ex.

PHP Syntax (Toggle Plain Text) 
  1. //run query here
  2. if (mysql_num_rows($result) == 1) {
  3.   //then log the person in
  4. }
  5. else {
  6.   //they have invalid credentials
  7. }
Last edited by kkeith29; Jun 26th, 2008 at 10:50 pm.
Reply With Quote Quick reply to this message  
Join Date: Aug 2007
Posts: 573
Reputation: ryan_vietnow is an unknown quantity at this point 
Solved Threads: 71
ryan_vietnow's Avatar
ryan_vietnow ryan_vietnow is offline Offline
Posting Pro

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #3
Jun 26th, 2008
you can change your query like this to validate a username with its password.

(let us say pword is your password table in db...)

replace this:
php Syntax (Toggle Plain Text) 
  1. $result = mysql_query("SELECT * FROM logins WHERE uname='$uname'");

with something like this:
php Syntax (Toggle Plain Text) 
  1. $result = mysql_query("SELECT * FROM logins WHERE uname='$uname' and pword='$pword'");
PHP,Javascript and AJAX tutorials.
I am currently accepting CodeIgniter,JQuery,WordPress ,PSD->XHTML jobs.Contact Me.
Reply With Quote Quick reply to this message  
Join Date: Aug 2007
Posts: 573
Reputation: ryan_vietnow is an unknown quantity at this point 
Solved Threads: 71
ryan_vietnow's Avatar
ryan_vietnow ryan_vietnow is offline Offline
Posting Pro

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #4
Jun 26th, 2008
Ahh! keith is faster than me
PHP,Javascript and AJAX tutorials.
I am currently accepting CodeIgniter,JQuery,WordPress ,PSD->XHTML jobs.Contact Me.
Reply With Quote Quick reply to this message  
Join Date: Oct 2006
Posts: 215
Reputation: MaxMumford is an unknown quantity at this point 
Solved Threads: 2
MaxMumford's Avatar
MaxMumford MaxMumford is offline Offline
Posting Whiz in Training

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #5
Jun 27th, 2008
ha xD Thanks guys i swear i tried that

oh wells thanks for the help guys. and ill def. include the protection against mysql injection

now just to find out what it actually is.....

Thanks again.
| IPCopy |
The only google chrome extension that lets you copy your IP to the clipboard with one click.
https://chrome.google.com/extensions...ogchjmmgjjfola
Reply With Quote Quick reply to this message  
Join Date: May 2007
Posts: 14
Reputation: Spaiz is an unknown quantity at this point 
Solved Threads: 0
Spaiz Spaiz is offline Offline
Newbie Poster

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #6
Jun 29th, 2008
May I ask related question in here?
I was just reading around, found this thread and remembered that I always wanted to know if it's possible to query database only once, at first visit, to confirm login/pwd is correct.

Basicaly, is there a way to let user browse protected area without checking the database on every page view? (saving id in cookies is not a way )
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,233
Reputation: kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about 
Solved Threads: 169
kkeith29's Avatar
kkeith29 kkeith29 is offline Offline
Nearly a Posting Virtuoso

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #7
Jun 29th, 2008
yes, use sessions.
Reply With Quote Quick reply to this message  
Join Date: May 2007
Posts: 14
Reputation: Spaiz is an unknown quantity at this point 
Solved Threads: 0
Spaiz Spaiz is offline Offline
Newbie Poster

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #8
Jun 29th, 2008
Well, yes, sessions, but is there way to save user identification for long time? (except session in database/files/cookies)

Maybe some new clever way? I know the ordinary one's.
Reply With Quote Quick reply to this message  
Join Date: Nov 2007
Posts: 3,833
Reputation: nav33n is a jewel in the rough nav33n is a jewel in the rough nav33n is a jewel in the rough nav33n is a jewel in the rough 
Solved Threads: 344
Moderator
Featured Poster
nav33n's Avatar
nav33n nav33n is offline Offline
Senior Poster

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #9
Jun 29th, 2008
Originally Posted by Spaiz View Post
Well, yes, sessions, but is there way to save user identification for long time? (except session in database/files/cookies)

Maybe some new clever way? I know the ordinary one's.
I don't think so..
Ignorance is definitely not bliss!

*PM asking for help will be ignored*
Reply With Quote Quick reply to this message  
Join Date: Aug 2007
Posts: 573
Reputation: ryan_vietnow is an unknown quantity at this point 
Solved Threads: 71
ryan_vietnow's Avatar
ryan_vietnow ryan_vietnow is offline Offline
Posting Pro

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #10
Jun 29th, 2008
Originally Posted by Spaiz View Post
Well, yes, sessions, but is there way to save user identification for long time? (except session in database/files/cookies)

Maybe some new clever way? I know the ordinary one's.
Try to store the ipaddress of the user and date into a new table then have a timeline for how many days/months etc. on how the id will be saved in that ipadd by subtracting current date from the stored date login...Just my idea...
PHP,Javascript and AJAX tutorials.
I am currently accepting CodeIgniter,JQuery,WordPress ,PSD->XHTML jobs.Contact Me.
Reply With Quote Quick reply to this message  
Reply
1 2

Quick Reply to Thread
This thread has been marked solved.
Perhaps start a new thread instead?
Message:



Other Threads in the PHP Forum


Views: 2649 | Replies: 10
Thread Tools Search this Thread



Tag cloud for PHP
access ajax apache api archive array arrays auto beginner binary box buttons cakephp check checkbox class cms code database date development directory display download dropdown dynamic echo email error file files form forms function functions header href htaccess html image images include insert ip java javascript joomla jquery limit link list login loop mail mlm mod_rewrite multiple mysql order parse paypal pdf php problem query radio redirect regex remote rewrite script search select server session shopping soap sort source sql storage string structure syntax system table tutorial update upload url user validate validation validator variable video web website wordpress xml
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2010 DaniWeb® LLC