Thank you for all the helpful input so far!
I have now tried to implement the changes you suggested, but I unfortunately
keep getting an error in line 114, in {-bracket in the switch statement. I
know it is not very desirable to send all the code in a mail, but I think
this is the best solution
Hi guys!
I have now tried to take some of your hints into consideration, by
encrypting the password with md5 adding a salt.
As some of you pointed out, this code is the work of a newbie, that is
totally correct, so please bear with me ;)
I have tried to implement a cookie to remember the login
On Aug 14, 2011, at 8:23 AM, Alekto Antarctica wrote:
Hi guys!
I have now tried to take some of your hints into consideration, by
encrypting the password with md5 adding a salt.
As some of you pointed out, this code is the work of a newbie, that is
totally correct, so please bear with me ;)
On 14 Aug 2011 at 14:23, Alekto Antarctica alekto.antarct...@gmail.com wrote:
*function loggedin()*
*{*
* if (isset($_SESSIONS['username']) || isset($_COOKIE['username']))*
* {*
* $loggedin = true;*
* return $loggedin;*
* }*
*}*
Why not justreturn true;
And what happens if your if
On Sun, 14 Aug 2011, Alekto Antarctica wrote:
I have tried to implement a cookie to remember the login for 48 hours, but
it still logs the user out after the default 24min for a session like this:
* //We compare the submited password and the real one, and we
check if the user
Hello alekto,
I've got several notes to point out:
1. You can't do neither a header(), nor a SetCookie() after any echo on the
page. The out-of-php pieces of the page included.
2. Don't, please please don't store raw passwords in the database! Hash them,
better even adding a salt.
alekto wrote:
Hi,
I have implemented a remember me feature in my login-script, but I can't get
it to function!
If I might be so bold... then you haven't implemented the feature yet,
right? ;-)
I want to make it possible for the users to stay logged in for 30 days.
This is what I got
On Sun, Aug 7, 2011 at 10:03 PM, Donovan Brooke li...@euca.us wrote:
alekto wrote:
Hi,
I have implemented a remember me feature in my login-script, but I can't
get it to function!
If I might be so bold... then you haven't implemented the feature yet,
right? ;-)
I want to make it
On Mon, 2010-08-16 at 09:27 +0530, kranthi wrote:
i would configure apache to let php interpreter handle all kinds of
extensions ( http://httpd.apache.org/docs/2.0/mod/mod_mime.html#addhandler
)
even then u'll have go through all the steps pointed out by Ash.
the only advantage of this
On Sun, 2010-08-15 at 22:15 +0430, Ali Asghar Toraby Parizy wrote:
all files (web pages, pictures, and exe files) and folders in a directory
should be protected against anonymous users.
I create an application with php and mysql for registered users. when a user
registers it's information
i would configure apache to let php interpreter handle all kinds of
extensions ( http://httpd.apache.org/docs/2.0/mod/mod_mime.html#addhandler
)
even then u'll have go through all the steps pointed out by Ash.
the only advantage of this method is more user friendly URL
--
PHP General Mailing
Based off what your saying my guess is that the request is not hitting your
php script.
Is the php script in the protected directory? If so what is it's file name
and what url are you hitting for the test?
Chris.
On Fri, Aug 13, 2010 at 6:21 PM, Ali Asghar Toraby Parizy
On 08/07/10 17:53, Michael Calkins wrote:
I right now have a complete user login and registration system
however it uses cookies when you login to store information. Is this
a bad thing?$_COOKIE vs $_SESSION for login systems
Encrypt the cookie, make sure you don't store the password in
On 9 July 2010 16:42, Gary gp...@paulgdesigns.com wrote:
[snip]
Take a look at https://code.google.com/p/loginsystem-rd/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Richard Quadling rquadl...@gmail.com wrote in message
news:aanlktilbmyedd8paky9dwgn0q7t6kem4zzutu_49u...@mail.gmail.com...
On 9 July 2010 16:42, Gary gp...@paulgdesigns.com wrote:
[snip]
Take a look at https://code.google.com/p/loginsystem-rd/
Richard
Thank you for your quick reply and
On Fri, 2010-07-09 at 15:43 -0400, Gary wrote:
Richard Quadling rquadl...@gmail.com wrote in message
news:aanlktilbmyedd8paky9dwgn0q7t6kem4zzutu_49u...@mail.gmail.com...
On 9 July 2010 16:42, Gary gp...@paulgdesigns.com wrote:
[snip]
Take a look at
Ashley Sheridan a...@ashleysheridan.co.uk wrote in message
news:1278705035.2295.2.ca...@localhost...
On Fri, 2010-07-09 at 15:43 -0400, Gary wrote:
Richard Quadling rquadl...@gmail.com wrote in message
news:aanlktilbmyedd8paky9dwgn0q7t6kem4zzutu_49u...@mail.gmail.com...
On 9 July 2010
On Fri, 2010-07-09 at 15:58 -0400, Gary wrote:
Ashley Sheridan a...@ashleysheridan.co.uk wrote in message
news:1278705035.2295.2.ca...@localhost...
On Fri, 2010-07-09 at 15:43 -0400, Gary wrote:
Richard Quadling rquadl...@gmail.com wrote in message
Ashley Sheridan a...@ashleysheridan.co.uk wrote in message
news:1278705549.2295.4.ca...@localhost...
On Fri, 2010-07-09 at 15:58 -0400, Gary wrote:
Ashley Sheridan a...@ashleysheridan.co.uk wrote in message
news:1278705035.2295.2.ca...@localhost...
On Fri, 2010-07-09 at 15:43 -0400, Gary
On Fri, 2010-07-09 at 16:04 -0400, Gary wrote:
?
?php
That bit of the code has a newline in it, which counts as output :p
I've not looked over the rest yet, but see if that helps.
Thanks,
Ash
http://www.ashleysheridan.co.uk
Ashley Sheridan a...@ashleysheridan.co.uk wrote in message
news:1278706121.2295.5.ca...@localhost...
On Fri, 2010-07-09 at 16:04 -0400, Gary wrote:
?
?php
That bit of the code has a newline in it, which counts as output :p
I've not looked over the rest yet, but see if that helps.
Ashley Richard
I think I found the issue.
In loginGlobals.php, the error was pointing to line 281, when the code
stopped and 278. (I know most of the time this just means there is a missing
bracket or semi-colon in the code), however, what I did is put my curser on
link 281, backspaced to
On Thu, 2010-07-08 at 09:53 -0700, Michael Calkins wrote:
I right now have a complete user login and registration system however it
uses cookies when you login to store information. Is this a bad
thing?$_COOKIE vs $_SESSION for login systems
From,Michael
On Thu, Jul 8, 2010 at 1:00 PM, Ashley Sheridan
a...@ashleysheridan.co.ukwrote:
On Thu, 2010-07-08 at 09:53 -0700, Michael Calkins wrote:
I right now have a complete user login and registration system however it
uses cookies when you login to store information. Is this a bad
At 8:07 PM + 6/29/10, Carlos Sura wrote:
Thank you for your answer Ted, You are right, well, I do have my
login form, but what I do not understand is how to implement switch
statement.
switch ($level){
case 0:
include (admin.php);
break;
case 1:
include (sales.php);
break;
case 2:
At 7:46 PM + 6/29/10, Carlos Sura wrote:
Hello everyone.
I have this question: I'm developing a login system but what I need
is to do is access levels
I mean, in my database I have this users:
Admin
Superusers
sales
purchase
etc
So, What I do basically need is, when a user from sales
Hello Carlos,
Something like this (assuming that the field with the type of the user
- admin, sales, etc. - is called `Status`, and the table is called
`Users`):
$f=mysql_fetch_assoc(mysql_query(SELECT `Status`, COUNT(*) AS
`UserExists` FROM `Users` WHERE
`Name`='.$_POST['name'].' AND
: how do I get to london?, not how do I drive a
car?
Thanks.
Carlos Sura.
Date: Tue, 29 Jun 2010 15:58:10 -0400
To: carlos_s...@hotmail.com; php-general@lists.php.net
From: tedd.sperl...@gmail.com
Subject: Re: [PHP] Login form + User level access
At 7:46 PM + 6/29/10, Carlos Sura
On Fri, 2010-02-19 at 00:30 -0800, David Hutto wrote:
The following script is supposed to validate a username and password in a
mysql db. When entering the username and password of a preregistered user, I
get the following errors:
Warning: mysql_num_rows(): supplied argument is not a
--- On Fri, 2/19/10, Ashley Sheridan a...@ashleysheridan.co.uk wrote:
From: Ashley Sheridan a...@ashleysheridan.co.uk
Subject: Re: [PHP] Login Script: mysql_num_rows(): supplied argument is not a
valid MySQL result resource
To: David Hutto dwightdhu...@yahoo.com
Cc: php-general@lists.php.net
Use Database Online table for user sessions.
2009/8/27 Balasubramanyam A knowledge.wea...@gmail.com:
Hello,
I've written a simple application, where users need to login to access the
features of the application. I want to develop login system such that, if
user is already logged in, the
On Aug 27, 2009, at 8:01 AM, hack988 hack988 hack...@dev.htwap.com
wrote:
Use Database Online table for user sessions.
2009/8/27 Balasubramanyam A knowledge.wea...@gmail.com:
Hello,
I've written a simple application, where users need to login to
access the
features of the
On Thu, Oct 9, 2008 at 8:35 AM, Nathan Rixham [EMAIL PROTECTED] wrote:
Jason Pruim wrote:
On Oct 8, 2008, at 5:48 PM, Stut wrote:
On 8 Oct 2008, at 22:32, Ashley Sheridan wrote:
On Wed, 2008-10-08 at 22:15 +0100, Stut wrote:
Obviously, I'm a programmer, so I probably don't fall into the
Jason Pruim wrote:
On Oct 8, 2008, at 5:48 PM, Stut wrote:
On 8 Oct 2008, at 22:32, Ashley Sheridan wrote:
On Wed, 2008-10-08 at 22:15 +0100, Stut wrote:
Obviously, I'm a programmer, so I probably don't fall into the 'normal'
category for advertising ;)
You may think that but I've
-Original Message-
From: Ashley Sheridan [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 08, 2008 4:05 PM
To: Stut
Cc: Wolf; Richard Heyes; php-general@lists.php.net; Bernhard Kohl
Subject: Re: [PHP] Login
On Wed, 2008-10-08 at 21:45 +0100, Stut wrote:
On 8 Oct 2008, at 21:44
-Original Message-
From: Jason Pruim [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 09, 2008 6:01 AM
To: Stut
Cc: [EMAIL PROTECTED]; PHP LIST
Subject: Re: [PHP] Login
As someone who works in the advertising and marketing field, I can say
I have never seen stats that say
Kohl
Subject: Re: [PHP] Login
On Wed, 2008-10-08 at 21:45 +0100, Stut wrote:
On 8 Oct 2008, at 21:44, Ashley Sheridan wrote:
On Wed, 2008-10-08 at 16:33 -0400, Wolf wrote:
!-- SNIP --
Redirects make sense IMO. IIRC the Yahoo guidelines say not to
redirect after a form POST
Wolf [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
!-- SNIP --
Redirects make sense IMO. IIRC the Yahoo guidelines say not to
redirect after a form POST, but unless you have a ka-jillion page
views a second (or, a lot), then I don't think it's a concern.
Wait, Yahell has
On Oct 8, 2008, at 5:48 PM, Stut wrote:
On 8 Oct 2008, at 22:32, Ashley Sheridan wrote:
On Wed, 2008-10-08 at 22:15 +0100, Stut wrote:
Obviously, I'm a programmer, so I probably don't fall into the
'normal'
category for advertising ;)
You may think that but I've never come across any
I'd like to take this back to the heart of this message and state that
redirecting malicious usage to ratemypoo seems like a perfectly delightful
means of security.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Agreed, funniest
I'd like to take this back to the heart of this message and state that
redirecting malicious usage to ratemypoo seems like a perfectly delightful
means of security.
Agreed, funniest thing I've heard all week!
However if you're wrong, you would have redirected a valid user to
ratemypoo.com...
On Thu, 2008-10-09 at 19:02 +0100, Richard Heyes wrote:
I'd like to take this back to the heart of this message and state that
redirecting malicious usage to ratemypoo seems like a perfectly delightful
means of security.
Agreed, funniest thing I've heard all week!
However if you're
Unless that was the business you were in ;)
True enough, but what kind of business would that be...? :-)
--
Richard Heyes
HTML5 Graphing for FF, Chrome, Opera and Safari:
http://www.rgraph.org
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
Richard Heyes wrote:
Unless that was the business you were in ;)
True enough, but what kind of business would that be...? :-)
Rating poo, of course...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Shawn McKenzie [EMAIL PROTECTED] wrote:
Richard Heyes wrote:
Unless that was the business you were in ;)
True enough, but what kind of business would that be...? :-)
Rating poo, of course...
It's a crappy job, but someone's got to do it... ;)
--
PHP General Mailing List
?php
# I would recommend using the include method. Redirects should always
be second choice, because they are just evil.
# Example code below
$password = md5('swordfish');
$user = 'Trucker Joe';
if ($_POST['user'] == $user md5($_POST['password']) == $password) {
On Wed, 2008-10-08 at 11:52 -0700, Bernhard Kohl wrote:
?php
# I would recommend using the include method. Redirects should always
be second choice, because they are just evil.
# Example code below
$password = md5('swordfish');
$user = 'Trucker Joe';
if ($_POST['user'] == $user
On 8 Oct 2008, at 19:52, Bernhard Kohl wrote:
?php
# I would recommend using the include method. Redirects should always
be second choice, because they are just evil.
In this case I would disagree. On successful login it's normal to
redirect to a useful page rather than just display a page
On Wed, 2008-10-08 at 20:02 +0100, Stut wrote:
On 8 Oct 2008, at 19:52, Bernhard Kohl wrote:
?php
# I would recommend using the include method. Redirects should always
be second choice, because they are just evil.
In this case I would disagree. On successful login it's normal to
I would recommend using the include method. Redirects should always
be second choice, because they are just evil.
In this case I would disagree. On successful login it's normal to redirect
to a useful page rather than just display a page that says congratulations,
you're a real user. In the
!-- SNIP --
Redirects make sense IMO. IIRC the Yahoo guidelines say not to
redirect after a form POST, but unless you have a ka-jillion page
views a second (or, a lot), then I don't think it's a concern.
Wait, Yahell has guidelines?!?!?
You always have to look at the User Experience. You
On Wed, 2008-10-08 at 16:33 -0400, Wolf wrote:
!-- SNIP --
Redirects make sense IMO. IIRC the Yahoo guidelines say not to
redirect after a form POST, but unless you have a ka-jillion page
views a second (or, a lot), then I don't think it's a concern.
Wait, Yahell has guidelines?!?!?
On 8 Oct 2008, at 21:44, Ashley Sheridan wrote:
On Wed, 2008-10-08 at 16:33 -0400, Wolf wrote:
!-- SNIP --
Redirects make sense IMO. IIRC the Yahoo guidelines say not to
redirect after a form POST, but unless you have a ka-jillion page
views a second (or, a lot), then I don't think it's a
On Wed, 2008-10-08 at 21:45 +0100, Stut wrote:
On 8 Oct 2008, at 21:44, Ashley Sheridan wrote:
On Wed, 2008-10-08 at 16:33 -0400, Wolf wrote:
!-- SNIP --
Redirects make sense IMO. IIRC the Yahoo guidelines say not to
redirect after a form POST, but unless you have a ka-jillion page
On 8 Oct 2008, at 22:05, Ashley Sheridan wrote:
On Wed, 2008-10-08 at 21:45 +0100, Stut wrote:
On 8 Oct 2008, at 21:44, Ashley Sheridan wrote:
The only redirects that have p!ssed me off before are those ones
that
big sites put in to make room for their adverts. On more than one
occassion
On Wed, 2008-10-08 at 22:15 +0100, Stut wrote:
I don't disagree that it's not the best model, but it is the best
paying
I have to disagree. Each and every time I've come across this, I've gone
elsewhere. The model doesn't work as far as I can tell. I think the
problem is the people who create
On 8 Oct 2008, at 22:32, Ashley Sheridan wrote:
On Wed, 2008-10-08 at 22:15 +0100, Stut wrote:
I don't disagree that it's not the best model, but it is the best
paying
I have to disagree. Each and every time I've come across this, I've
gone
elsewhere. The model doesn't work as far as I can
What do you mean by open?
You can redirect to a new page:
http://us.php.net/header
or
You can include a file:
http://us.php.net/include/
Thank you,
Micah Gersten
onShore Networks
Internal Developer
http://www.onshore.com
Terry J Daichendt wrote:
I want to open a page if a login is correct and
You can just use a header redirect. For example: if you are at
login.php and the user is authorized, you could use if($auth === true)
{ header(Location: authed_page.php);
} else { header(Location: denied.php); }
On Oct 7, 2008, at 5:44 PM, Terry J Daichendt
[EMAIL PROTECTED] wrote:
I
There is no such function! You have to write the code.
On Wed, Oct 8, 2008 at 6:14 AM, Terry J Daichendt
[EMAIL PROTECTED]wrote:
I want to open a page if a login is correct and another if not. What is the
function to open a page in PHP? Can you show me a simple example of the
syntax?
--
On Wednesday 08 October 2008 06:14:33 am Terry J Daichendt wrote:
I want to open a page if a login is correct and another if not. What is the
function to open a page in PHP? Can you show me a simple example of the
syntax?
There is no such function. You have many options like redirecting a
Quoting Shelley [EMAIL PROTECTED]:
Hi all,
What is your way to organize user login without Client Cookies being
disabled?
Sample code will be appreciated.
Waiting for your reply...
--
Regards,
Shelley
You can use sessions to store data on the server instead of the client.
[quote]
On Tue , Thijs Lensselink [EMAIL PROTECTED] sent:
Quoting Shelley [EMAIL PROTECTED]:
Hi all,
What is your way to organize user login without Client Cookies being
disabled?
Sample code will be appreciated.
Waiting for your reply...
--
Regards,
Shelley
You
Well, as I said the cookies are disabled at the clients.
Anybody any opinions?
On Tue, Jul 15, 2008 at 7:23 PM, Thijs Lensselink [EMAIL PROTECTED] wrote:
Quoting Shelley [EMAIL PROTECTED]:
Hi all,
What is your way to organize user login without Client Cookies being
disabled?
Sample
On Tue, Jul 15, 2008 at 10:15 AM, Shelley [EMAIL PROTECTED] wrote:
Well, as I said the cookies are disabled at the clients.
Anybody any opinions?
Yes, again, STFW before posting here.
Google PHPSESSID.
--
/Daniel P. Brown
Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting
Yes, again, STFW before posting here.
Google PHPSESSID.
Call to undefined function Google();
--
/Daniel P. Brown
:)
--
Thiago Henrique Pojda
On Jan 5, 2008 11:50 AM, Reese [EMAIL PROTECTED] wrote:
Daniel Brown wrote:
Do you expect the value of $key in this condition to be a literal zero?
$twoyears = array('alphanumeric_code1', 'alphanumeric_code2',
'alphanumeric_code3', 'alphanumeric_code4',
Daniel Brown wrote:
if(!isset($key=='1')) //caused parse error
That's because isset() isn't able to eval() an expression.
Got it, I see the mistake now.
Remove the !isset() part, or the =='1' part and that will remove
the parse error.
I changed it to if(!isset($key)) and
On Saturday 05 January 2008 22:06:47 Yui Hiroaki wrote:
HI!
I try to login and read ad email in server.
Does any one know how to do this?
Below does not run correctly.
right, the line:
if( !eregi(OK, $line) ) // login faile?if( !eregi(OK, $line) ) //ogin
faile?
it looks just like this?
On Jan 4, 2008 9:54 AM, Reese [EMAIL PROTECTED] wrote:
Greetings,
I've been lurking for several weeks, I thought I'd post to describe
a problem I've been having in the hope that a solution can be found.
And my thanks to Casey, for his offlist assistance with another,
unrelated issue earlier
Web Design Company wrote:
Someone?
Me31!1!1ONE
Please, if you do not need amplifying information or if you do
not intend to pose a suggestion, it is better to remain silent.
I wasn't helped by your Someone? post, no one else was either.
Reese
--
PHP General Mailing List
Someone?
-
http://ooyes.net Web design company | http://ooyes.net Graphic design
company | http://ooyes.net Outsourcing company
--
View this message in context:
http://www.nabble.com/Login-script-problem-tp14618073p14618942.html
Sent from the PHP - General mailing list archive at
Daniel Brown wrote:
[snip=all]
Reese,
While I noticed several areas for improvement in the code (such as
being sure to exit; after calling header(Location: ); ), two
things primarily come to mind:
Do you expect the value of $key in this condition to be a literal zero?
On Jan 4, 2008 11:55 AM, Reese [EMAIL PROTECTED] wrote:
Web Design Company wrote:
Someone?
Me31!1!1ONE
Please, if you do not need amplifying information or if you do
not intend to pose a suggestion, it is better to remain silent.
I wasn't helped by your Someone? post, no one else was
On Mon, June 11, 2007 9:28 pm, Humani Power wrote:
Hi! Im trying to make a login page. I have searched for examples that
makes
me check the user name with a database, and the one that suits better
is
this code.
// Perhaps you have a BLANK LINE right here?
// Even a BLANK LINE counts as
On Mon, 2007-06-11 at 21:28 -0500, Humani Power wrote:
[-- SNIIP --]
I have searched for possible answers, and all I have found is that I
should not send any output before the session_start(); But in this
code the session_start(); output is before anything else.
can you give
The error comes from having output before the session_start(). This
means that anything before the ? would be output. Even a single empty
space.
Janet
Humani Power wrote:
Hi! Im trying to make a login page. I have searched for examples that makes
me check the user name with a database, and
- Original Message -
From: Dave Carrera [EMAIL PROTECTED]
Hi All,
Having a grey brain moment here and need some advise on the logic of this,
should be simple, login script.
I am checking validity of
customer number
customer email
customer password (md5 in mysql)
So i have my form
Dave Carrera wrote:
Hi All,
Having a grey brain moment here and need some advise on the logic of
this, should be simple, login script.
I am checking validity of
customer number
customer email
customer password (md5 in mysql)
So i have my form with relevant fields
Now i am getting problems
Hi Stut,
I think i have found where i am going wrong.
Its in the comparison login for the db result.
So i select * from jfjfjfjf where custno=$_POST[number]
But now i am getting messed up with if cust no not found then all i get
is a blank page but hoping for an error
And i dont think
On p, 2007-02-02 at 12:10 +, Dave Carrera wrote:
Hi Stut,
I think i have found where i am going wrong.
Its in the comparison login for the db result.
So i select * from jfjfjfjf where custno=$_POST[number]
But now i am getting messed up with if cust no not found then all i get
Stut wrote:
I'm not totally clear what the question was in there. Personally I keep
this simple...
?php
$_POST['number'] =
(isset($_POST['number']) ? trim($_POST['number']) : '');
$_POST['email'] =
(isset($_POST['email']) ? trim($_POST['email']) : '');
if
On Fri, February 2, 2007 5:19 am, Dave Carrera wrote:
Having a grey brain moment here and need some advise on the logic of
this, should be simple, login script.
I am checking validity of
customer number
customer email
customer password (md5 in mysql)
So i have my form with relevant
On Fri, February 2, 2007 5:33 am, Satyam wrote:
In login scripts you usually don't tell which part of the login is
wrong,
otherwise, you are hinting at what is right. Once the customer is
logged
in, you are right to be as helpful as possible, but until the customer
proves who he/she is, you
If you are splicing $_POST directly into your SQL, you are DEFINITELY
doing it wrong, but not in the way that you think.
Start reading here:
http://phpsec.org
On Fri, February 2, 2007 6:10 am, Dave Carrera wrote:
Hi Stut,
I think i have found where i am going wrong.
Its in the
On Fri, February 2, 2007 7:05 am, Jürgen Wind wrote:
// Set up the session here, or however you're tracking the
// current customer/user/whatever
header('Location: /somewhere_else');
?
Hope that helps.
-Stut
be aware that you need a session_write_close(); before
header('Location...
Richard Lynch wrote:
And using a re-direct instead of an include is a shocking waste of
HTTP resources imho, but that may not matter if traffic is low.
I generally redirect there because on occasion the login process does
stuff like clear out potentially pre-existing session data from another
Ross wrote:
first how do I check two tables is it?
$sql = SELECT * FROM mytable, mytable2 WHERE username = '$username' AND
userpass = '$userpass';
That depends on what you are trying to achieve. Your example makes no
sense at all. What are you trying to get from each table? How are they
On 15/08/06, Ross [EMAIL PROTECTED] wrote:
Hello,
I have a couple of questions
first how do I check two tables is it?
$sql = SELECT * FROM mytable, mytable2 WHERE username = '$username' AND
userpass = '$userpass';
Secondly my table just sends and returns straight values from the db but I
I would hope that MD5 hashing is MD5 hashing no matter where it
originates. However, I think it's better to use the database server's
implementation. I believe it is less likely to be changed in future
versions, and it removes some processing time from the front end.
Additionally, if you ever
On Tue, August 15, 2006 5:37 am, Ross wrote:
I have a couple of questions
first how do I check two tables is it?
You probably should not have 2 tables at all.
Both username and password would normally be stored in a single record
in the same table
CREATE TABLE user (
user_id int(11)
On Tue, August 15, 2006 5:51 am, Dave Goodchild wrote:
I think the php and mysql md5 functions differ but I may be wrong!
You are wrong. :-)
The whole point of MD5 is that MD5 is MD5, no matter where you go.
Even ASP MD5 is the same as PHP MD5.
Except it probably sucks for being too slow or
Dear SK,
alternately, close previously opened A/C and allow current one. this is
similar to wat yahoo messenger does and is a good safety measure.
1. If u use this technique, ur problem of shutdown would be solved.
2. Alternately, maintain sessions (using session ID) in PHP.
2a. Or just
strange problem, but very similar to links in linux.
you must be maintaining a database or a record file. u can maintain all
links ('users' as u put it) for a given user. if a user logs in through any
of his accounts, check if he/she is logged in another A/C and stop this one.
else, allow log-in
You do know your code is open for sql injection attacks.
php.net search for sql injection and session spoofing
HTH
Andy
On Friday 14 October 2005 09:25, Jochem Maas wrote:
try some code indentation to make it more readable.
someone else pointed you to the 'user' 'name' mismatch already I
try some code indentation to make it more readable.
someone else pointed you to the 'user' 'name' mismatch already I see.
twistednetadmin wrote:
...
session_start();
switch (@$_GET['action']) // Gets set by the form action
{
case login:
$sql = SELECT name FROM DB
WHERE name='$_POST[user]';
[EMAIL PROTECTED] wrote:
I think this is the way I need to write my if statement.
if ( $min $user[ min ] == $min $user[ pin ] == $pin || $pin ==
'allow')
try a couple paretheses to make your intension explicit. your if statement might
work the way you want it but I have no idea - and
William Stokes wrote:
Hello,
I need to create solution for user authentication/recognition in my web
page. I think it would be a good idea to use mysql database for storing the
user info because the user info is later used to determine what parts of
site the recognized user is allowed to update.
I need to create solution for user authentication/recognition in my web
page. I think it would be a good idea to use mysql database for storing the
user info because the user info is later used to determine what parts of
site the recognized user is allowed to update.
William,
Take a look at
OK. Thanks a lot. So I need to studu the $_Session more closely.
Jamie Alessio [EMAIL PROTECTED] kirjoitti
viestissä:[EMAIL PROTECTED]
I need to create solution for user authentication/recognition in my web
page. I think it would be a good idea to use mysql database for storing
the user
1 - 100 of 230 matches
Mail list logo
