On 2/6/2013 8:01 PM, Ron Piggott wrote:
Hi Everyone

When I login to PayPal a total of 3 web pages are used:

1 – A screen for the user to type in their user name & password
2 – A screen saying “ Logging in “*
3 – My Welcome / Personalized Account Summary Screen

* During the 2nd web page my PHP script is going to be accessing the mySQL 
database to check the login credentials.

- I would like to know how this is done
- I would like to know how to re-direct the user to a “incorrect password” 
screen if this is the case
- I would like to know how to re-direct to a “security question” screen as a 
secondary step for those users who want this additional security (such as what 
I am offered through my online banking sign in process)

I don’t know what an effective search query is on Google.  I don’t mind (nor 
will I take offense) on being directed to a tutorial.  I want to ensure what I 
am putting into production is high quality and not hap hazard.

Thank you for any help you are able to provide me with.

Ron Piggott


There are so many MANY ways of accomplishing this, it's hard to begin. Since you seem to be unaware of this whole process, I imagine the simple, most-straight forward way would be the best.

YOu can do this with one script - if you are not wanting to be too fancy.

Upon first call - you display the login page and wait for a submit button to call your script again.

Upon the second call you gather the inputs and validate them, returning error messages if they are not present or not in the proper formats. If inputs are acceptable, per se, then you perform your db check and respond accordingly (failure message or success message with a different target in your <form> tag). The output from this second call can be the same as the first call's if there's an error, or completely different if success was achieved - just change what html you send to the client.

If you want to prompt them for a security question before checking the database, that is just as easy. In the "second call" you send back a different set of html prompting the user for the answer to the question that you display. Then you do the above paragraph as the "third" call. Of course you need to store the inputs received somewhere - probably not in hidden field, but rather session vars. On the third call you collect the answer to the question, the session vars with the uid and pswd, and then do the db check.

As I said - you can do this with one script. You simply have different chunks of html that your script outputs, depending upon the step you are in. That 'step' is some indicator of your making that you hide in the html so that your script knows where it is in the conversation with the user. You also have different chunks of php code to handle the different steps.

Piece of cake!

PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to