Thanks for the reply,  this is the only output before and after the
$_POST....

              array(0) { } ......that's it

I still have the two Notice's from PHP.
But the program works otherwise, in checking the DB for the hashed
password...
that matches the typed in username ...
that is then hashed itself
in the login.php program.  
It works and doesn't 'auth' for incorrect user/pass combinations.
However, I do not like running programs that kick out 'errors' of any kind.  
It seems to always lead to unpredictable situations that are a problem.
Any other ideas?
Thanks,
Chetanji



Chetanji wrote:
> 
> I corrected a small spelling error to make the situation more
> understandable.  Everything is the same I am stuck!
> Thanks in Advance, Chetanji
> 
> Chetanji wrote:
>> 
>> 
>> 
>> All the errors are gone but this nagging one.  I am running a login
>> script and getting this error...
>> 
>> To bring the username and password into the processing script I am doing
>> it this way, and having trouble.
>> I have spent too many hours working on this one issue.  Please help
>> someone.
>> Blessings, Chetan
>> 
>> $myusername=$_POST["myusername"];
>> $mypassword=$_POST["mypassword"];
>> 
>> ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
>> Notice: Undefined index: myusername in
>> C:\Inetpub\wwwroot\AimsSite\docproedit\login.php on line 13
>> 
>> Notice: Undefined index: mypassword in
>> C:\Inetpub\wwwroot\AimsSite\docproedit\login.php on line 13
>> ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
>> The login script is simple HTML using..... 
>> 
>> 
>> 
>> 
>> 
>> 
>> Note: "Flogin.html is where you log on; login.php, the script below,
>> processes the password and username."
>> 
>> Here is the Code...
>> 
>> <?php
>> ob_start();session_start();
>> /************************************************
>> *********Login.php Begin End************  
>> ************************************************/
>> /**
>> ** Process username 1st by md5, then Encrypt,
>> ** then compare with appropiate password in DB.                             
>> **/
>> 
>> session_register("myusername"); session_register("mypassword");
>> $db_name='aims site'; $tbl_name='docproedit'; $db_server='localhost';
>> $db_user='root';
>> $db_pass='somepass';$myusername=$_POST["myusername"];$mypassword=$_POST["mypassword"];
>> $auth = false;
>> 
>> //----Encrypting begins for username and password
>> //----entered by the user on login page.
>> $uname=$myusername;
>> $pname=$mypassword;
>> hashinput($uname,$pname);
>> 
>> //----The hash function, which includes the encrypt function.
>> function hashinput($uname,$pname){
>> global $user; global $pass; global $uname; global $pname; global $p;
>> $usrname=md5($uname);
>> $passname=md5($pname);
>> 
>> //----the Encrypt function.
>> function Encrypt($string) {$Encryption = crypt(md5($string),
>> md5($string));return $Encryption;} 
>> $user = encrypt($usrname);
>> $p = encrypt($passname);
>> }
>> 
>> //----Connecting with DB, selecting array from DB to analyze.
>> $linkID = mysql_connect($db_server, $db_user, $db_pass);
>> mysql_select_db("$db_name", $linkID);
>> $result = mysql_query("SELECT password FROM docproedit WHERE username =
>> '$user'", $linkID);
>> $pass = mysql_fetch_row($result);
>> mysql_close($linkID);
>> 
>> //----Based on the comparision of encryped "login" username
>> //----against the permanent DB password, $auth is 1 if 'good' login, and
>> 0 if 'bad'.
>> if ($pass[0] === $p) {
>> $auth = true;
>> if ($auth = 1) { 
>> echo ""; return;
>> }
>> }
>> return $auth;
>> 
>> ob_end_flush();
>> 
>> /************************************************
>> *************Login.php End***************  
>> ************************************************/
>> 
>> 
>> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/PHP-to-md5-the-%24var-before-it-reaches-MySQL%27s-gen-query-log-tf3731340.html#a10606352
Sent from the Php - Database mailing list archive at Nabble.com.

Reply via email to