Ad:

PHP Discussion Thread
Marked Solved
Views: 3495

Page 1
2
Next

You are currently viewing page 1 of this multi-page discussion thread

Jun 26th, 2008

very simple login script (checking 2 variables before writing cookie)

Expand Post »

Hi all,

I have just put together a simple log in script from various tutorials on the web and at the moment it is only checking the username entered by the user against what is in my database.
I cant find any infromation about any kind of AND function or any other check the password as well as the username so thats what i need help with

here is what i have already:

PHP Syntax (Toggle Plain Text)
<?php
// Connects to your Database
mysql_connect("", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());;
 
$uname = $_POST['uname'];
$pword = $_POST['pword'];
//gets username and password from uname and pword fields on previous page
 
$result = mysql_query("SELECT * FROM logins WHERE uname='$uname'");
 
if($row = mysql_fetch_array($result))
  {
  setcookie("loggedin", "$uname", time()+3600);
  echo "logged in as: ";
  echo $row['uname'];
  echo "<br />and cookie written.";
  echo "<br />";
  echo 'click <a href="cookie.php">here</a> to view cookie information.<br/><a href="login.php">Back to login page.</a>';
  }
else
{
echo "wrong login information";
}
?>
<?php
// Connects to your Database
mysql_connect("", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());;

$uname = $_POST['uname'];
$pword = $_POST['pword'];
//gets username and password from uname and pword fields on previous page

$result = mysql_query("SELECT * FROM logins WHERE uname='$uname'");

if($row = mysql_fetch_array($result))
  {
  setcookie("loggedin", "$uname", time()+3600);
  echo "logged in as: ";
  echo $row['uname'];
  echo "<br />and cookie written.";
  echo "<br />";
  echo 'click <a href="cookie.php">here</a> to view cookie information.<br/><a href="login.php">Back to login page.</a>';
  }
else
{
echo "wrong login information";
}
?>

Thanks guyyys

Max

MaxMumford

Reputation Points: 32

Solved Threads: 3

Posting Whiz in Training

Offline

228 posts
since Oct 2006

Permalink

Jun 26th, 2008

Re: very simple login script (checking 2 variables before writing cookie)

make sure sanatize your inputs to protect against sql injection.

as for the login, just change your query to:

PHP Syntax (Toggle Plain Text)

SELECT * FROM logins WHERE uname='$uname' AND password='$pword'

also, a better way to do a login script is to see the number of results returned from the query.

ex.

PHP Syntax (Toggle Plain Text)
//run query here
if (mysql_num_rows($result) == 1) {
  //then log the person in
}
else {
  //they have invalid credentials
}
//run query here
if (mysql_num_rows($result) == 1) {
  //then log the person in
}
else {
  //they have invalid credentials
}

Last edited by kkeith29; Jun 26th, 2008 at 11:50 pm.

kkeith29

Reputation Points: 235

Solved Threads: 193

Nearly a Posting Virtuoso

Offline

1,315 posts
since Jun 2007

Permalink

Jun 26th, 2008

Re: very simple login script (checking 2 variables before writing cookie)

you can change your query like this to validate a username with its password.

(let us say pword is your password table in db...)

replace this:

php Syntax (Toggle Plain Text)
$result = mysql_query("SELECT * FROM logins WHERE uname='$uname'");
$result = mysql_query("SELECT * FROM logins WHERE uname='$uname'");

with something like this:

php Syntax (Toggle Plain Text)
$result = mysql_query("SELECT * FROM logins WHERE uname='$uname' and pword='$pword'");
$result = mysql_query("SELECT * FROM logins WHERE uname='$uname' and pword='$pword'");

ryan_vietnow

Reputation Points: 28

Solved Threads: 71

Posting Pro

Offline

578 posts
since Aug 2007

Permalink

Jun 26th, 2008

Re: very simple login script (checking 2 variables before writing cookie)

Ahh! keith is faster than me

ryan_vietnow

Reputation Points: 28

Solved Threads: 71

Posting Pro

Offline

578 posts
since Aug 2007

Permalink

Jun 27th, 2008

Re: very simple login script (checking 2 variables before writing cookie)

ha xD Thanks guys

i swear i tried that

oh wells thanks for the help guys. and ill def. include the protection against mysql injection

now just to find out what it actually is.....

Thanks again.

MaxMumford

Reputation Points: 32

Solved Threads: 3

Posting Whiz in Training

Offline

228 posts
since Oct 2006

Permalink

Jun 29th, 2008

Re: very simple login script (checking 2 variables before writing cookie)

May I ask related question in here?
I was just reading around, found this thread and remembered that I always wanted to know if it's possible to query database only once, at first visit, to confirm login/pwd is correct.

Basicaly, is there a way to let user browse protected area without checking the database on every page view? (saving id in cookies is not a way

)

Spaiz

Reputation Points: 14

Solved Threads: 0

Newbie Poster

Offline

18 posts
since May 2007

Permalink

Jun 29th, 2008

Re: very simple login script (checking 2 variables before writing cookie)

yes, use sessions.

kkeith29

Reputation Points: 235

Solved Threads: 193

Nearly a Posting Virtuoso

Offline

1,315 posts
since Jun 2007

Permalink

Jun 29th, 2008

Re: very simple login script (checking 2 variables before writing cookie)

Well, yes, sessions, but is there way to save user identification for long time? (except session in database/files/cookies)

Maybe some new clever way? I know the ordinary one's.

Spaiz

Reputation Points: 14

Solved Threads: 0

Newbie Poster

Offline

18 posts
since May 2007

Permalink

Jun 29th, 2008

Re: very simple login script (checking 2 variables before writing cookie)

Click to Expand / Collapse Quote originally posted by Spaiz ...

Well, yes, sessions, but is there way to save user identification for long time? (except session in database/files/cookies)

Maybe some new clever way? I know the ordinary one's.

I don't think so..

nav33n

Moderator

Featured Poster

Reputation Points: 524

Solved Threads: 356

Purple hazed!

Offline

3,878 posts
since Nov 2007

Permalink

Jun 29th, 2008

Re: very simple login script (checking 2 variables before writing cookie)

Click to Expand / Collapse Quote originally posted by Spaiz ...

Well, yes, sessions, but is there way to save user identification for long time? (except session in database/files/cookies)

Maybe some new clever way? I know the ordinary one's.

Try to store the ipaddress of the user and date into a new table then have a timeline for how many days/months etc. on how the id will be saved in that ipadd by subtracting current date from the stored date login...Just my idea...

ryan_vietnow

Reputation Points: 28

Solved Threads: 71

Posting Pro

Offline

578 posts
since Aug 2007

Page 1
2
Next

This thread is solved

Either the thread starter or a moderator has marked this thread as solved. You can most likely trust the responses and answers given. There is most likely no reason for any further responses to be posted here. If you have a related question, please start a new thread in this forum instead.

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in PHP Forum Timeline: Creation of Dynamic Menu for Web pages

Next Thread in PHP Forum Timeline: help please, displaying content problem

DaniWeb Message

Cancel Changes

User Name
Password