William Stokes wrote:
Hello,
I need to create solution for user authentication/recognition in my web
page. I think it would be a good idea to use mysql database for storing the
user info because the user info is later used to determine what parts of
site the recognized user is allowed to update.
I need to create solution for user authentication/recognition in my web
page. I think it would be a good idea to use mysql database for storing the
user info because the user info is later used to determine what parts of
site the recognized user is allowed to update.
William,
Take a look at
OK. Thanks a lot. So I need to studu the $_Session more closely.
Jamie Alessio [EMAIL PROTECTED] kirjoitti
viestissä:[EMAIL PROTECTED]
I need to create solution for user authentication/recognition in my web
page. I think it would be a good idea to use mysql database for storing
the user
Chuck [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Could anyone let me know or point me to where I could find out how to
setup
a login for my php site. I've been looking around and found plenty of
stuff
for PHP/Apache, but nothing for just PHP.
Any help or info about this would
Hi,
You've sent this email to a mailing list with a couple of thousand users.
I'm probably not alone when I say what on earth are you talking about?.
I don't know what PHP-Login is, if you have a problem using whatever
software that may be - please contact them about it.
You can find the PEAR
[snip]
please note this will only catch invalid queries. To catch the event
of the query being perfectly fine, but nothing coming back, just check
the values of num_rows or affected_rows (depending on the query).
[/snip]
um?? this way doesnt work for some strange reason... testing
Hello Andy,
Thursday, March 25, 2004, 9:53:05 AM, you wrote:
AB um?? this way doesnt work for some strange reason... testing
AB affected_rows returns always with 0 so:
AB if(mysql_affected_rows()==0){...}
It depends on your query. If you are doing a SELECT query then you
cannot use
So, just for the sake of me getting this right, it would be better code if i
had the code like this:
?
$UserExists=mysql_query(select * from users where
username='$_POST[username]' and pwd=md5($_POST[password]));
//since query is done see if the user exists
if($UserExists) {
Hello Andy,
Thursday, March 25, 2004, 10:43:54 AM, you wrote:
AB So, just for the sake of me getting this right, it would be better code if i
AB had the code like this:
AB ?
AB $UserExists=mysql_query(select * from users where
AB username='$_POST[username]' and pwd=md5($_POST[password]));
AB
Do you actually need to bring back the user data? What I mean is,
you're selecting * from the users table and doing nothing with it other than
worrying if the query was successful or not.
ops!! I forgot to mention that the username is used elsewhere in a different
file somewhere (to verify the
Hello Andy,
Thursday, March 25, 2004, 11:57:09 AM, you wrote:
AB SELECT COUNT(username) AS hits FROM users WHERE ...
AB dont know because then how would i verify that the valid user was logged in
AB or if they typed the wrong stuff in??
Because it works like this:
SELECT COUNT(username) AS
if ($result)
{
echo Valid user;
} else {
echo Error?;
}
?
/body
/html
-- End here --
Now if what you're saying is correct, the final if result() block
should only print valid user if the user exists in the database,
right?
yup and
Hello Andy,
Thursday, March 25, 2004, 1:17:54 PM, you wrote:
AB yup and believe it or not if($result) only returns true if a valid
AB username/password row can be found otherwise it returns a non existing
AB resource
Absolutely fascinating, I have never seen a MySQL server behave like
this.
Absolutely fascinating, I have never seen a MySQL server behave like
this. Could you post which version of MySQL you're using and perhaps
the MySQL part of phpinfo()? There must be something *somewhere* that
controls this behaviour.
PHP Version 4.0.4pl1
Linux noir.propagation.net 2.0.36 #5 Wed
Hello Andy,
Thursday, March 25, 2004, 5:45:52 PM, you wrote:
AB PHP Version 4.0.4pl1
Wow, that's an old version of PHP! It could be the cause of this,
there's nothing in you phpinfo to give anything else away (i.e. it's
identical to mine).
--
Best regards,
Richard Davey
[snip]
There is no way to inject any kind of data to the super-global Arrays at all
[snip]
duhhh...how come i didnt think of that... well..guess its long nights
without coffee.. tnx...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
$user = $HTTP_GET_VARS[user];
$pass = $HTTP_GET_VARS[pass];
$real = superduperunlieklytobeguesedpass;
if($user == $validuser $pass == $real)
{
echo thank you for logging in here is the page;
?
HTML
etc
?php } else {
die(You supid idiot thats not a valid login);
?
and call the page as
Depending on how secure the login information needs to be, you could just
store it in a text file, maybe using password() to encrypt passwords. You
could then access it using fopen() and save the contents of the file in an
array.
I'm not too hot on login and authentication though myself! I did
18 matches
Mail list logo