Re: [PHP] Case sensitive password
В сообщении от Friday 20 June 2008 23:05:55 Andrew Ballard написал(а): if(preg_match('/^'.$_SESSION['userpass'].'$/i',$login)) { So, why you use /i ? :-) -- === С уважением, Манылов Павел aka [R-k] icq: 949-388-0 mailto:[EMAIL PROTECTED] === А ещё говорят так: The higher the higher-ups are who have come to see your demo, the lower your chances are of giving a successful one -- Fundamental Law of Thermodynamics n?4 [fortune]
Re: [PHP] Case sensitive password
On Thu, Jun 19, 2008 at 7:29 PM, Kyle Browning [EMAIL PROTECTED] wrote: Why not md5 the password, and store the md5 encryption. Then when they type something in, md5 it and compare the md5 strings. That will ensure that it is Case Sensitive On Thu, Jun 19, 2008 at 2:04 PM, R.C. [EMAIL PROTECTED] wrote: Thank you Daniel, I think that did the trick. Am checking this out now... Best R.C. Daniel Brown [EMAIL PROTECTED] wrote in message session_start(); $_SESSION ['userpass'] = $_POST ['pass']; $_SESSION ['authuser'] = 0; $login = VIDEO; $login2 = video; if (($_SESSION['userpass'] == $login) or ($_SESSION['userpass'] == $login2)) { $_SESSION['authuser'] = 1; ? Try this: ?php if(preg_match('/^'.$_SESSION['userpass'].'$/i',$login)) { echo Good.\n; } else { echo Bad.\n; } ? Because that would make the password comparison case-sensitive (as one might reasonably infer from the subject of the message). However, the OP wanted the password to be case-INsensitive. Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
At 9:36 PM -0700 6/18/08, R.C. wrote: I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? Thanks much R.C. Why? If a user has selected a password, then leave it alone and don't change it -- it's their password. If a user has difficulty remembering their password, then make sure there's a forgot password option in the sign on. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
On Thu, Jun 19, 2008 at 12:45 AM, Nathan Nobbe [EMAIL PROTECTED] wrote: i hate posting the same answer to a given question thats already been posted, but i had this all typed in when chris submitted his answer, so here it is again.. One of the very, very few things that pisses me off about Gmail, in fact. You take the time to type out a long, well-thought-out response, only to see that damned yellow box pop up in the bottom right indicating that someone else just responded to the thread. You'd swear we were getting paid to be the first to respond sometimes. ;-P -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
Chris, Thank you. That worked good. Appreciate the assistance. Best R.C. Chris [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] R.C. wrote: Thank you for your reply. The password is not stored, actually, like in a databse. We're only dealing with one password. When the user inputs the password, he/she should be able to input either in lower or upper case or both abd they should have access to the protected file in this case. As Nathan mentioned, just compare them in the same way. $stored_password = strtolower($stored_password); $user_password = strtolower($user_password); if ($stored_password == $user_password) { echo Yay!; } else { echo No :(; } -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
Nathan, Thank you ... very thorough. Best R.C. Nathan Nobbe [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] i hate posting the same answer to a given question thats already been posted, but i had this all typed in when chris submitted his answer, so here it is again.. On Wed, Jun 18, 2008 at 10:36 PM, R.C. [EMAIL PROTECTED] wrote: I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? when you store the password, you can store it as all upper or all lowercase, then when comparing against the stored value, do the same operation to the value supplied from the user, and compare those. and you dont have to modify the original value if you dont want to, when you store it. just remember to alter both the stored value and the user-supplied value when doing comparisons. /// here is an example comparison // get password value from db for user, put it in $storedPassword // suppose the value the user supplied in a form is in variable $userSuppliedPassword // now for the case insensitive comparison if(strtolower($storedPassword) == strtolower($userSuppliedPassword)) // passwords are the same else // passwords are different also note in the above example, there is no encryption of the password, which you almost certainly want to have ;) -nathan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
Tedd, thank you for your input but it's the site client who wants the user to input this ONE password either upper or lower case...it's for accessing a protected page... nothing major. But generally I agree... if the user has selected a password, that is what he/she wants and it should be left alone. BTW: I used Chris' and Nathan's code and it's working fine. Best R.C. tedd [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Why? If a user has selected a password, then leave it alone and don't change it -- it's their password. If a user has difficulty remembering their password, then make sure there's a forgot password option in the sign on. Cheers, tedd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
I've tried some of the methods mentioned in earlier posts, but I don't understand this correctly. Here is the code I have to validate a hard corded password to access a page, which is in upper case WHERE do I input the code to make sure that whatever case a user inputs this word, it will still validate? Thank you for your patience. I'm learning Best R.C. ?php session_start(); $_SESSION ['userpass'] = $_POST ['pass']; $_SESSION ['authuser'] = 0; $login = VIDEOS; if (($_SESSION['userpass'] == $login)) { $_SESSION['authuser'] = 1; ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
At 8:59 AM -0700 6/19/08, R.C. wrote: Tedd, thank you for your input but it's the site client who wants the user to input this ONE password either upper or lower case...it's for accessing a protected page... nothing major. Nothing major until it is. As for the client, I always said Everyone has the right to be wrong. Ask the client this -- if two users have Cat and cAt for their passwords, what do you think the client's lability would be for changing them both to be identical when neither user approved? As I get older, I think about how to avoid lability more. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
Hi Tedd, It is NOT the user who determines this ONE password, it's the client... he gives it out to selected folks to input For example: he says to a few people: use video to access this page okay? He would like to make this word case-insensitive so the few people can type in either Video or VIDEO or video. Now in the below code auth snippet WHERE do I input some code to make this one word case-insensitive UPON INPUT. thanks R.C. ?php session_start(); $_SESSION ['userpass'] = $_POST ['pass']; $_SESSION ['authuser'] = 0; $login = VIDEO; if (($_SESSION['userpass'] == $login)) { $_SESSION['authuser'] = 1; tedd [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] At 8:59 AM -0700 6/19/08, R.C. wrote: Tedd, thank you for your input but it's the site client who wants the user to input this ONE password either upper or lower case...it's for accessing a protected page... nothing major. Nothing major until it is. As for the client, I always said Everyone has the right to be wrong. Ask the client this -- if two users have Cat and cAt for their passwords, what do you think the client's lability would be for changing them both to be identical when neither user approved? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
On Thu, Jun 19, 2008 at 3:11 PM, tedd [EMAIL PROTECTED] wrote: At 8:59 AM -0700 6/19/08, R.C. wrote: Tedd, thank you for your input but it's the site client who wants the user to input this ONE password either upper or lower case...it's for accessing a protected page... nothing major. Nothing major until it is. As for the client, I always said Everyone has the right to be wrong. Ask the client this -- if two users have Cat and cAt for their passwords, what do you think the client's lability would be for changing them both to be identical when neither user approved? As I get older, I think about how to avoid lability more. Cheers, tedd I could be wrong, but I didn't see anything about a username. It sounds to me more like it is a single password shared with all the people who should have access to a specific, non-personalized area of the site. It certainly wouldn't be my preferred way to set up security, but depending on the level of risk involved it may be sufficient. Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
Andrew, That is correct. Only ONE password to access a restricted page for selected people. But... they want to make that ONE password case-insensitive. I added the following code with 2 variables now, one being upper case, one being lower case but that, of course, doesn't cover all the variatons on the video word. I'm looking for the code to make this whole word case-insensitive, no matter which letter is cap or not can you add to this code below please? Thanks much R.C. session_start(); $_SESSION ['userpass'] = $_POST ['pass']; $_SESSION ['authuser'] = 0; $login = VIDEO; $login2 = video; if (($_SESSION['userpass'] == $login) or ($_SESSION['userpass'] == $login2)) { $_SESSION['authuser'] = 1; ? Andrew Ballard [EMAIL PROTECTED] wrote in message I could be wrong, but I didn't see anything about a username. It sounds to me more like it is a single password shared with all the people who should have access to a specific, non-personalized area of the site. It certainly wouldn't be my preferred way to set up security, but depending on the level of risk involved it may be sufficient. Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
On Thu, Jun 19, 2008 at 4:18 PM, R.C. [EMAIL PROTECTED] wrote: Andrew, That is correct. Only ONE password to access a restricted page for selected people. But... they want to make that ONE password case-insensitive. I added the following code with 2 variables now, one being upper case, one being lower case but that, of course, doesn't cover all the variatons on the video word. I'm looking for the code to make this whole word case-insensitive, no matter which letter is cap or not can you add to this code below please? session_start(); $_SESSION ['userpass'] = $_POST ['pass']; $_SESSION ['authuser'] = 0; $login = VIDEO; $login2 = video; if (($_SESSION['userpass'] == $login) or ($_SESSION['userpass'] == $login2)) { $_SESSION['authuser'] = 1; ? Try this: ?php if(preg_match('/^'.$_SESSION['userpass'].'$/i',$login)) { echo Good.\n; } else { echo Bad.\n; } ? -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
Thank you Daniel, I think that did the trick. Am checking this out now... Best R.C. Daniel Brown [EMAIL PROTECTED] wrote in message session_start(); $_SESSION ['userpass'] = $_POST ['pass']; $_SESSION ['authuser'] = 0; $login = VIDEO; $login2 = video; if (($_SESSION['userpass'] == $login) or ($_SESSION['userpass'] == $login2)) { $_SESSION['authuser'] = 1; ? Try this: ?php if(preg_match('/^'.$_SESSION['userpass'].'$/i',$login)) { echo Good.\n; } else { echo Bad.\n; } ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
Why not md5 the password, and store the md5 encryption. Then when they type something in, md5 it and compare the md5 strings. That will ensure that it is Case Sensitive On Thu, Jun 19, 2008 at 2:04 PM, R.C. [EMAIL PROTECTED] wrote: Thank you Daniel, I think that did the trick. Am checking this out now... Best R.C. Daniel Brown [EMAIL PROTECTED] wrote in message session_start(); $_SESSION ['userpass'] = $_POST ['pass']; $_SESSION ['authuser'] = 0; $login = VIDEO; $login2 = video; if (($_SESSION['userpass'] == $login) or ($_SESSION['userpass'] == $login2)) { $_SESSION['authuser'] = 1; ? Try this: ?php if(preg_match('/^'.$_SESSION['userpass'].'$/i',$login)) { echo Good.\n; } else { echo Bad.\n; } ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
At 4:06 PM -0400 6/19/08, Andrew Ballard wrote: I could be wrong, but I didn't see anything about a username. It sounds to me more like it is a single password shared with all the people who should have access to a specific, non-personalized area of the site. It certainly wouldn't be my preferred way to set up security, but depending on the level of risk involved it may be sufficient. Andrew Andrew: I had the exact same case with a client. My client teaches classes and wanted to provide the attendees with a url where they could download PDF files for the class. In this case, they only needed a password AND the password was identical for everyone. Sure attendees could distribute the url and password, but requiring a password makes it just a bit harder than just giving out the url and allowing everyone/thing to download the files. The file were delivered to the user by a password protected script, so no one could bookmark the files. And doing it this way required no effort by my client to keep track of user names. He just taught the class, gave out the url/password, and the software did the rest. So, in this case it made sense. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Case sensitive password
I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? Thanks much R.C. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
R.C. wrote: I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? Before you store the password, make it all lowercase (or uppercase, whatever you prefer). $password = strtolower($password); When you compare the passwords, turn it all to lower (or upper) case before you compare it. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
i hate posting the same answer to a given question thats already been posted, but i had this all typed in when chris submitted his answer, so here it is again.. On Wed, Jun 18, 2008 at 10:36 PM, R.C. [EMAIL PROTECTED] wrote: I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? when you store the password, you can store it as all upper or all lowercase, then when comparing against the stored value, do the same operation to the value supplied from the user, and compare those. and you dont have to modify the original value if you dont want to, when you store it. just remember to alter both the stored value and the user-supplied value when doing comparisons. /// here is an example comparison // get password value from db for user, put it in $storedPassword // suppose the value the user supplied in a form is in variable $userSuppliedPassword // now for the case insensitive comparison if(strtolower($storedPassword) == strtolower($userSuppliedPassword)) // passwords are the same else // passwords are different also note in the above example, there is no encryption of the password, which you almost certainly want to have ;) -nathan
Re: [PHP] Case sensitive password
Thank you for your reply. The password is not stored, actually, like in a databse. We're only dealing with one password. When the user inputs the password, he/she should be able to input either in lower or upper case or both abd they should have access to the protected file in this case. Is this what you are recommending below? Best R.C. Chris [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] R.C. wrote: I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? Before you store the password, make it all lowercase (or uppercase, whatever you prefer). $password = strtolower($password); When you compare the passwords, turn it all to lower (or upper) case before you compare it. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
R.C. wrote: Thank you for your reply. The password is not stored, actually, like in a databse. We're only dealing with one password. When the user inputs the password, he/she should be able to input either in lower or upper case or both abd they should have access to the protected file in this case. As Nathan mentioned, just compare them in the same way. $stored_password = strtolower($stored_password); $user_password = strtolower($user_password); if ($stored_password == $user_password) { echo Yay!; } else { echo No :(; } -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] == case-sensitive?
I've never really payed attention to this before, but now I noticed that == is case-sensitive, how do I make it == with different cases ? Håkan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] == case-sensitive?
I've never really payed attention to this before, but now I noticed that == is case-sensitive, how do I make it == with different cases ? if(strtolower($a) == strtolower($b)) -- Krzysztof Dziekiewicz -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] == case-sensitive?
Hi Hawk, I've never really payed attention to this before, but now I noticed that == is case-sensitive, how do I make it == with different cases ? Just force the case while you're comparing the two: if (strtolower($a) == strtolower($b)) { echo case-insensitive match; } else { echo no match; } Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] == case-sensitive?
-Original Message- From: Hawk [mailto:[EMAIL PROTECTED]] Sent: 23 September 2002 12:33 To: [EMAIL PROTECTED] Subject: [PHP] == case-sensitive? I've never really payed attention to this before, but now I noticed that == is case-sensitive, how do I make it == with different cases ? Use strcasecmp(): strcasecmp($a, $b) // returns 0 if strings match case-insensitive // non-zero if not This is slightly unfortunate in that the test you have to do is counter-intuitive: if (strcasecmp($a, $b)): // strings DON'T match else: // strings match case-insensitively endif; Nonetheless, I'd prefer this over case-converting both strings and then comparing, as you're only making a single function call to do a comparison with in-line conversion, as opposed to two function calls for the conversions and then a comparison as well. (I guess I ought to benchmark that -- although it seems obvious, sometimes the obvious isn't!) Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] case sensitive
hi, is there a little thingy that - put into a script - tells php within a mysql query to not care about cases? problem is a mailing script, that always stops, when a mailaddress contains uppercase letters. thanks - u. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] case sensitive
MySQL, on non binary comparisons, is case insensitive. I'm not sure what your problem is, though. Could you try and explain in a little more detail? /* Chris Lambert, CTO - [EMAIL PROTECTED] WhiteCrown Networks - More Than White Hats Web Application Security - www.whitecrown.net */ - Original Message - From: prosite [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, July 08, 2001 1:47 PM Subject: [PHP] case sensitive | hi, | is there a little thingy that - put into a script - tells php within a mysql | query to not care about cases? problem is a mailing script, that always | stops, when a mailaddress contains uppercase letters. | thanks - u. | | | -- | PHP General Mailing List (http://www.php.net/) | To unsubscribe, e-mail: [EMAIL PROTECTED] | For additional commands, e-mail: [EMAIL PROTECTED] | To contact the list administrators, e-mail: [EMAIL PROTECTED] | | | -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]