Please support our PHP advertiser: Lunarpages PHP Web Hosting
 |
•
•
Join Date: Aug 2007
Posts: 64
Reputation: 
Rep Power: 0
Solved Threads: 0
Junior Poster in Training
Hello friends,
I've a user login system......user's name & password are saved in the database.......suppose i've an user "admin". At the time of login if he enters "admin" he can login also if enters "ADMIN" or "AdMiN" he can login too.....how can I stop this thing........PLZZZZZZZ show me the way......
thank you...
I've a user login system......user's name & password are saved in the database.......suppose i've an user "admin". At the time of login if he enters "admin" he can login also if enters "ADMIN" or "AdMiN" he can login too.....how can I stop this thing........PLZZZZZZZ show me the way......
thank you...
•
•
Join Date: Sep 2007
Posts: 177
Reputation:
Rep Power: 2
Solved Threads: 20
Junior Poster
For that you could just convert both values to lower case with strtolower(); So try the following and I have included the form.
<?
//mysql connections
$username='Admin'; //from mysql in your script
$username=strtolower($username);
if (isset($_POST['username']))
{
$_POST['username']=strtolower($_POST['username']);
if ($_POST['username']==$username)
{
//login
}
}
?>
<form method='post'>
<input type='text' value='adMiN' name='username'>
<input type='submit' value='submit'>
</form> Signature note:
Do not edit the registry just because someone on the forum says so. Do some research on the internet before editing the registry.
Do not edit the registry just because someone on the forum says so. Do some research on the internet before editing the registry.
•
•
Join Date: Aug 2007
Posts: 64
Reputation:
Rep Power: 0
Solved Threads: 0
Junior Poster in Training
sorry man this is not that i want ......actually i want to check the string insterted case sensitive way......
•
•
Join Date: Sep 2007
Posts: 177
Reputation:
Rep Power: 2
Solved Threads: 20
Junior Poster
If you want it case sensitive then because php is case sensitive, just get php to check if the 2 values = each other. So use the following:
php Syntax (Toggle Plain Text)
Signature note:
Do not edit the registry just because someone on the forum says so. Do some research on the internet before editing the registry.
Do not edit the registry just because someone on the forum says so. Do some research on the internet before editing the registry.
•
•
Join Date: Aug 2007
Posts: 64
Reputation:
Rep Power: 0
Solved Threads: 0
Junior Poster in Training
according to your solution if I have 1,00,00,000 user will I define those user in that number of veriables ?????????? is this thing feasible ?????????
•
•
Join Date: Sep 2007
Posts: 177
Reputation:
Rep Power: 2
Solved Threads: 20
Junior Poster
•
•
•
•
Originally Posted by nil_gh_80 
according to your solution if I have 1,00,00,000 user will I define those user in that number of veriables ?????????? is this thing feasible ?????????
Yes because all you need to do is check that the username (which should be unique from all the others) is correct and that at option, the password for security reasons is correct. So just to explain, I shall write a basic login system for you.
Below is login.php
php Syntax (Toggle Plain Text)
index.php (at top)
php Syntax (Toggle Plain Text)
Signature note:
Do not edit the registry just because someone on the forum says so. Do some research on the internet before editing the registry.
Do not edit the registry just because someone on the forum says so. Do some research on the internet before editing the registry.
•
•
Join Date: Nov 2008
Location: Dumaguete, Philippines
Posts: 24
Reputation:
Rep Power: 1
Solved Threads: 1
Newbie Poster
@cwarn23 yeah, I agree with your code also.. I use it the same way.. just add htmlentities to make sure that there will be no sql injections.. 
:: xarz ::
•
•
Join Date: Apr 2008
Posts: 171
Reputation:
Rep Power: 0
Solved Threads: 5
Junior Poster
here you can use md5 encrypted password....
login.php
when use register or save data in mysql / databse
you have to insert data like...
i think this solves your problem.......
when you use md5 you got this value in database admin= 21232f297a57a5a743894a0e4a801fc3 ADMIN= 73acd9a5972130b75066c82595a1fae3 AdMiN= 2714cba6c6d58e587565cf4e6b275078
login.php
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
else
{
// echo('Connected with Mysql');
}
@mysql_select_db("db_login", $con);
if (isset($_POST['Submit']))
{
$user_uname=$_POST["user_uname"];
$user_pass=md5($_POST["user_pass"]);
$sql=mysql_query("SELECT * FROM table WHERE user_uname='$user_uname' AND user_pass='$user_pass'");
if (mysql_num_rows($sql)==0 || mysql_num_rows($sql)>1)
{
echo "<script>alert('Username/password pair is invalid.Please try again.')</script>";
echo"<script language='javascript'>window.location.href='login.php'</script>";
}
while($row = mysql_fetch_array($sql))
{
if($user_pass==$row['user_pass'] and $user_uname==$row['user_uname'])
{
//here use go to your new page echo"<script language='javascript'>window.location.href='newprofile.php'</script>";
}
else
{
echo"<script language='javascript'>window.location.href='login.php'</script>";
}
}
}
echo"<script language='javascript'>window.location.href='login.php'</script>";
}
}
when use register or save data in mysql / databse
you have to insert data like...
$sql="INSERT INTO table ( user_uname, user_pass) VALUES('$_POST[user_uname]','md5($_POST[user_pass])')";
i think this solves your problem.......
Last edited by Aamit : Dec 2nd, 2008 at 6:11 am.
|
Similar Threads
Other Threads in the PHP Forum
- How do you minimize a user login? (Windows NT / 2000 / XP / 2003)
- Login Problem (Java)
- Login Problem (IT Professionals' Lounge)
- User login Check (ASP)
- prompted to select user to login, but no users listed (Windows NT / 2000 / XP / 2003)
- Windows 2000 login Problem (Windows NT / 2000 / XP / 2003)
Other Threads in the PHP Forum
- Previous Thread: Initial Values
- Next Thread: PHP+Ajax Help
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Linear Mode
