PHP RSS PHP RSS

very simple login script (checking 2 variables before writing cookie)

Thread Solved
1 2

Join Date: Oct 2006
Posts: 198
Reputation: MaxMumford is an unknown quantity at this point 
Solved Threads: 1
MaxMumford's Avatar
MaxMumford MaxMumford is offline Offline
Junior Poster

very simple login script (checking 2 variables before writing cookie)

 
0
  #1
Jun 26th, 2008
Hi all,

I have just put together a simple log in script from various tutorials on the web and at the moment it is only checking the username entered by the user against what is in my database.
I cant find any infromation about any kind of AND function or any other check the password as well as the username so thats what i need help with

here is what i have already:

PHP Syntax (Toggle Plain Text) 
  1. <?php
  2. // Connects to your Database
  3. mysql_connect("", "", "") or die(mysql_error());
  4. mysql_select_db("") or die(mysql_error());;
  5.  
  6. $uname = $_POST['uname'];
  7. $pword = $_POST['pword'];
  8. //gets username and password from uname and pword fields on previous page
  9.  
  10. $result = mysql_query("SELECT * FROM logins WHERE uname='$uname'");
  11.  
  12. if($row = mysql_fetch_array($result))
  13.   {
  14.   setcookie("loggedin", "$uname", time()+3600);
  15.   echo "logged in as: ";
  16.   echo $row['uname'];
  17.   echo "<br />and cookie written.";
  18.   echo "<br />";
  19.   echo 'click <a href="cookie.php">here</a> to view cookie information.<br/><a href="login.php">Back to login page.</a>';
  20.   }
  21. else
  22. {
  23. echo "wrong login information";
  24. }
  25. ?>

Thanks guyyys

Max
Ill solve somebody's thread someday! xD
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,227
Reputation: kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about 
Solved Threads: 167
kkeith29's Avatar
kkeith29 kkeith29 is offline Offline
Nearly a Posting Virtuoso

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #2
Jun 26th, 2008
make sure sanatize your inputs to protect against sql injection.

as for the login, just change your query to:

PHP Syntax (Toggle Plain Text) 
  1. SELECT * FROM logins WHERE uname='$uname' AND password='$pword'

also, a better way to do a login script is to see the number of results returned from the query.

ex.

PHP Syntax (Toggle Plain Text) 
  1. //run query here
  2. if (mysql_num_rows($result) == 1) {
  3.   //then log the person in
  4. }
  5. else {
  6.   //they have invalid credentials
  7. }
Last edited by kkeith29; Jun 26th, 2008 at 11:50 pm.
Reply With Quote Quick reply to this message  
Join Date: Aug 2007
Posts: 561
Reputation: ryan_vietnow is an unknown quantity at this point 
Solved Threads: 71
ryan_vietnow's Avatar
ryan_vietnow ryan_vietnow is offline Offline
Posting Pro

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #3
Jun 26th, 2008
you can change your query like this to validate a username with its password.

(let us say pword is your password table in db...)

replace this:
php Syntax (Toggle Plain Text) 
  1. $result = mysql_query("SELECT * FROM logins WHERE uname='$uname'");

with something like this:
php Syntax (Toggle Plain Text) 
  1. $result = mysql_query("SELECT * FROM logins WHERE uname='$uname' and pword='$pword'");
http://www.ryantetek.com/
Reply With Quote Quick reply to this message  
Join Date: Aug 2007
Posts: 561
Reputation: ryan_vietnow is an unknown quantity at this point 
Solved Threads: 71
ryan_vietnow's Avatar
ryan_vietnow ryan_vietnow is offline Offline
Posting Pro

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #4
Jun 26th, 2008
Ahh! keith is faster than me
http://www.ryantetek.com/
Reply With Quote Quick reply to this message  
Join Date: Oct 2006
Posts: 198
Reputation: MaxMumford is an unknown quantity at this point 
Solved Threads: 1
MaxMumford's Avatar
MaxMumford MaxMumford is offline Offline
Junior Poster

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #5
Jun 27th, 2008
ha xD Thanks guys i swear i tried that

oh wells thanks for the help guys. and ill def. include the protection against mysql injection

now just to find out what it actually is.....

Thanks again.
Ill solve somebody's thread someday! xD
Reply With Quote Quick reply to this message  
Join Date: May 2007
Posts: 14
Reputation: Spaiz is an unknown quantity at this point 
Solved Threads: 0
Spaiz Spaiz is offline Offline
Newbie Poster

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #6
Jun 29th, 2008
May I ask related question in here?
I was just reading around, found this thread and remembered that I always wanted to know if it's possible to query database only once, at first visit, to confirm login/pwd is correct.

Basicaly, is there a way to let user browse protected area without checking the database on every page view? (saving id in cookies is not a way )
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,227
Reputation: kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about kkeith29 has a spectacular aura about 
Solved Threads: 167
kkeith29's Avatar
kkeith29 kkeith29 is offline Offline
Nearly a Posting Virtuoso

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #7
Jun 29th, 2008
yes, use sessions.
Reply With Quote Quick reply to this message  
Join Date: May 2007
Posts: 14
Reputation: Spaiz is an unknown quantity at this point 
Solved Threads: 0
Spaiz Spaiz is offline Offline
Newbie Poster

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #8
Jun 29th, 2008
Well, yes, sessions, but is there way to save user identification for long time? (except session in database/files/cookies)

Maybe some new clever way? I know the ordinary one's.
Reply With Quote Quick reply to this message  
Join Date: Nov 2007
Posts: 3,744
Reputation: nav33n is a jewel in the rough nav33n is a jewel in the rough nav33n is a jewel in the rough 
Solved Threads: 330
Moderator
Featured Poster
nav33n's Avatar
nav33n nav33n is offline Offline
Senior Poster

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #9
Jun 29th, 2008
Originally Posted by Spaiz View Post
Well, yes, sessions, but is there way to save user identification for long time? (except session in database/files/cookies)

Maybe some new clever way? I know the ordinary one's.
I don't think so..
Ignorance is definitely not bliss!

*PM asking for help will be ignored*
Reply With Quote Quick reply to this message  
Join Date: Aug 2007
Posts: 561
Reputation: ryan_vietnow is an unknown quantity at this point 
Solved Threads: 71
ryan_vietnow's Avatar
ryan_vietnow ryan_vietnow is offline Offline
Posting Pro

Re: very simple login script (checking 2 variables before writing cookie)

 
0
  #10
Jun 29th, 2008
Originally Posted by Spaiz View Post
Well, yes, sessions, but is there way to save user identification for long time? (except session in database/files/cookies)

Maybe some new clever way? I know the ordinary one's.
Try to store the ipaddress of the user and date into a new table then have a timeline for how many days/months etc. on how the id will be saved in that ipadd by subtracting current date from the stored date login...Just my idea...
http://www.ryantetek.com/
Reply With Quote Quick reply to this message  
Reply
1 2

Quick Reply to Thread
This thread has been marked solved.
Perhaps start a new thread instead?
Message:



Other Threads in the PHP Forum
Thread Tools Search this Thread



apache api array basic beginner binary body broken cakephp checkbox class cms code computing cron curl database date date/time delete display dynamic echo email error file files filter folder form forms function functions gc_maxlifetime global google host href htaccess html image include insert ip javascript joomla limit link list login mail memmory memory menu mlm msqli_multi_query multiple mycodeisbad mysql navigation oop parameter parsing paypal pdf php problem query radio random recourse recursion regex remote script search seo server sessions sms snippet source space sql static syntax system table thesishelp tutorial update upload url validator variable video web webdesign xml youtube
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC