General Programming Help
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
 
User Name:
Password:
Remember me
 



Go Back   Dev Articles Community ForumsProgrammingGeneral Programming Help

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
Thread Tools Search this Thread Display Modes
 
Unread Dev Articles Community Forums Sponsor:
  #1  
Old January 8th, 2003, 08:40 PM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Login page help

Hiya people.

I'm having trouble doing this login page. What do these errors mean?

Warning: Cannot send session cookie - headers already sent by (output started at c:\program files\apache group\apache\htdocs\validate.php:6) in c:\program files\apache group\apache\htdocs\validate.php on line 14

Warning: Cannot send session cache limiter - headers already sent (output started at c:\program files\apache group\apache\htdocs\validate.php:6) in c:\program files\apache group\apache\htdocs\validate.php on line 14

Thanx
__________________

Reply With Quote
  #2  
Old January 8th, 2003, 08:49 PM
Attila Attila is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Aug 2002
Posts: 67 Attila User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 17
This has been discused here alot...Try this link if it dosen't help ask here again and we will do our best
Check this post
__________________
Thanks,
Attila
http://www.glorynaspiration.com
http://www.abitofthings.com

Reply With Quote
  #3  
Old January 8th, 2003, 10:02 PM
Ben Rowe
Guest
Dev Articles Newbie (0 - 499 posts)
 
Posts: n/a  
Time spent in forums:
Reputation Power:
your headers are being outputted early, so to stop this, you should use

ob_start();

at the very beggining of each page that is called in the browser.

Reply With Quote
  #4  
Old January 9th, 2003, 01:15 AM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Unhappy

Hiya,

I tried everything but it still won't work. I'm not even sure where the ob_start(); functions should be put in.
Can u please tell me what's wrong with the code??


Thanx
Attached Files
File Type: txt validate.txt (1.5 KB, 763 views)

Reply With Quote
  #5  
Old January 9th, 2003, 02:33 AM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 17
here is one of my login scripts. use it if you like

PHP Code:
<?php

include('../config.inc.php');
include(
'functions.inc.php');

if(
$_POST['submit'])
{
    
$errors '';
    
    if(empty(
$_POST['username']) || empty($_POST['password']))
        
$errors "Please Specify both a Username and a Password";
    
    
$check_user mysql_query("SELECT a_id, uName, password FROM admin WHERE uName = '{$_POST['username']}' AND password = '{$_POST['password']}'");
    if(
mysql_num_rows($check_user) == 0)
        
$errors "Incorrect Login Information";
    
    if(
$errors != '')
    {
?>
        <script language="javascript">
            alert("<?php echo $errors?>");
        </script>
    <?}
    else
    {
        
$user mysql_fetch_row($check_user);
        
        
$check_user_rights mysql_query("SELECT * FROM admin_rights WHERE FK_a_id = '$user[0]'");
        
$user_rights mysql_fetch_row($check_user_rights);
        
        
$_SESSION['a_id'] = $user[0];
        
$_SESSION['uName'] = $user[1];
        
        
$_SESSION['add_user'] = $user_rights[1];
        
$_SESSION['edit_user'] = $user_rights[2];
        
$_SESSION['delete_user'] = $user_rights[3];
        
$_SESSION['view_logs'] = $user_rights[4];
        
        
logit($_SESSION['uName'], $_CONF['datetime'], $_CONF['user_ip'], $_CONF['function'][1]);
        
        
header("Location: index.php");
    }
}

?>



Kepp in mind sara_lauren that this all happens before any html gets output.
__________________
-- Jason

Reply With Quote
  #6  
Old January 9th, 2003, 08:24 PM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Hiya!

Thanx a lot Taelo for the login code but I got these error messages though.What exactly should config.inc.php and functions.inc.php have in them? And why do I always get these errors when the include command is used?


Warning: Failed opening '../config.inc.php' for inclusion (include_path='.;c:\php4\pear') in c:\program files\apache group\apache\htdocs\alogin.php on line 3

Warning: Failed opening 'functions.inc.php' for inclusion (include_path='.;c:\php4\pear') in c:\program files\apache group\apache\htdocs\alogin.php on line 4

PS Oh and just wanna make sure bout this but the php.ini file...where exactly is it supposed to be?Does it have to be where I put the MSVCRT.DLL file( in system32) or can it be placed anywhere?

Reply With Quote
  #7  
Old January 9th, 2003, 08:36 PM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 17
ok,...you are getting the first 2 errors cause you don't have the files,

config.inc.php and
functions.inc.php

I have all my user selectable stuff, and my database connection code in config.inc.php.

so Just remove those 2 lines

As for the php.ini. Mine is in C:\WINNT\php.ini

Hope that helps

Reply With Quote
  #8  
Old January 9th, 2003, 09:01 PM
Ben Rowe
Guest
Dev Articles Newbie (0 - 499 posts)
 
Posts: n/a  
Time spent in forums:
Reputation Power:
Quote:
Originally posted by sara_lauren
Hiya,

I tried everything but it still won't work. I'm not even sure where the ob_start(); functions should be put in.
Can u please tell me what's wrong with the code??


Thanx


As i said before, you need to place that function at the START of each page.

Reply With Quote
  #9  
Old January 10th, 2003, 03:31 AM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Question

Hiya!

Okay I stopped getting any errors...but I don't have anything showing on the screen...

is this code correct?


<?php



$connection = @mysql_connect("localhost", "root", "")
or die(mysql_error());

if ($connection) {

$msg = "SUCCESS!";

}



if($_POST['submit'])
{
$errors = '';

if(empty($_POST['username']) || empty($_POST['password']))
$errors = "Please Specify both a Username and a Password";

$check_user = mysql_query("SELECT a_id, uName, password FROM admin WHERE uName = '{$_POST['username']}' AND password = '{$_POST['password']}'");
if(mysql_num_rows($check_user) == 0)
$errors = "Incorrect Login Information";

if($errors != '')
{?>
<script language="javascript">
alert("<?php echo $errors; ?>");
</script>
<?}
else
{
$user = mysql_fetch_row($check_user);

$check_user_rights = mysql_query("SELECT * FROM admin_rights WHERE FK_a_id = '$user[0]'");
$user_rights = mysql_fetch_row($check_user_rights);

$_SESSION['a_id'] = $user[0];
$_SESSION['uName'] = $user[1];

$_SESSION['add_user'] = $user_rights[1];
$_SESSION['edit_user'] = $user_rights[2];
$_SESSION['delete_user'] = $user_rights[3];
$_SESSION['view_logs'] = $user_rights[4];

logit($_SESSION['uName'], $_CONF['datetime'], $_CONF['user_ip'], $_CONF['function'][1]);

header("Location: index.php");
}
}

?>

Reply With Quote
  #10  
Old January 10th, 2003, 11:03 AM
Taelo Taelo is offline
5B's
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: PC, FL
Posts: 366 Taelo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 30 m 59 sec
Reputation Power: 17
well a couple of things,...I offered that up as instructional/sample code

if you wanna use it, you are going to have to modify it to suit your needs.

like my 'logit' function won't work cause you don't have my functions file.

and unless you set your tables and fields up like mine, that won't work at all.


Reply With Quote
  #11  
Old January 11th, 2003, 06:37 AM
Jeb. Jeb. is offline
"l33t? What's l33t?"
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Aug 2002
Posts: 51 Jeb. User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 17
Send a message via AIM to Jeb.
Sara, the reason your first script wouldn't work (validate.php) was because you sent HTML tags to the browser before you opened the script (<?php). After you do this, you can't send any more headers.

Just a quick warning to those who don't already know: whitespace counts as browser output.

So, if you have blank lines or spaces, tabs, etc before your PHP opening tag, you can't send headers - because you've already outputted text to the browser. ob_start() won't fix this.

Make sure you've no gaps between the start of your document and the <?php. The first character in your document should be the <, if you intend to send headers.
__________________
Jeb.

AIM: JebediahMc - PM Me - E-Mail Me


Last edited by Jeb. : January 11th, 2003 at 06:40 AM.

Reply With Quote
  #12  
Old January 12th, 2003, 09:14 PM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Hi all!
I started again with a login form but I don't know what's wrong with it!!

Not matter what values I enter it still won't go through...
PLEASE tell me what's wrong with my script.I'm getting really desperate in my project.

[show_login.html]

<HTML>
<HEAD>
<TITLE>Login</TITLE>
</HEAD>
<BODY>
<H1>Login to secret area</H1>
<FORM METHOD="POST" ACTION="do_authuser.php">
<P><STRONG>Username:</STRONG><BR>
<INPUT TYPE="text" NAME="username" SIZE=25 MAXLENGTH=25></p>
<P><STRONG>Password:</STRONG><BR>
<INPUT TYPE="password" NAME="password" SIZE=25 MAXLENGTH=25></p>
<P><INPUT TYPE="SUBMIT" NAME="submit" VALUE="Login"></P>
</FORM>
</BODY>
</HTML>

[do_authuser.php]

<?php

if ( (!$_POST[username]) || (!$_POST[password]) )
{ header("Location: http://localhost/show_login.html");
exit;}

$db_name = "testDB";
$table_name = "auth_users";

$connection = @mysql_connect("localhost", "root", "") or die(mysql_error());

$db = @mysql_select_db($db_name, $connection) or die(mysql_error());

$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = password('$_POST[password]')";

$result = @mysql_query($sql,$connection) or die(mysql_error());

$num = mysql_num_rows($result);

if ($num != 0) {
$msg = "<P>Congratulations, you're authorized!</p>";
} else {
header("Location: http://localhost/show_login.html");
exit;
}

?>

<HTML>
<HEAD>
<TITLE>Secret Area</TITLE>
</HEAD>
<BODY>
<?php echo "$msg"; ?>
</BODY>
</HTML>

Reply With Quote
  #13  
Old January 12th, 2003, 09:48 PM
jpenn jpenn is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: Washington, DC
Posts: 317 jpenn User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 m 3 sec
Reputation Power: 17
Are you getting errors? If so, which I believe you are, post them. I believe you are getting errors because this is wrong ->
PHP Code:
if ( (!$_POST[username]) || (!$_POST[password]) )
/*********************
Change the above to ->
*********************/
if ( ( !$_POST['username'] ) || ( !$_POST['password'] ) ) 

Now, if your script still isn't working, remove the error supression ( @ ) from your mysql function calls and see what the error is and post the errors here so we can give you a quick fix...
__________________
~ Joe Penn

We work for free to help make this a valuable resource on the internet. Do you appreciate the help - did we provide help that will help you prosper and help that has contributed to sharpening your current skill set?

Show your appreciation and purchase something from our Amazon Wishlist's - it's simple and a great way to say thank you.




Reply With Quote
  #14  
Old January 14th, 2003, 01:31 AM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Hi all!
I did what u told me to do and I got this error:

Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in c:\program files\apache group\apache\htdocs\do_authuser.php on line 13


Line 13 is this:
$sql = "SELECT * FROM $table_name WHERE username = '$_POST['username']' AND password = password('$_POST['password']')";

What's wrong with the code above?? Thanx

Reply With Quote
  #15  
Old January 14th, 2003, 02:47 AM
vlasblom vlasblom is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: Netherlands
Posts: 14 vlasblom User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 8 m 45 sec
Reputation Power: 0
Hi sara_lauren,

Change your line 13 to:

$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = password('$_POST[password]')";

In other words remove the quotes inside the brackets of the $_POST array.

Regards

Reply With Quote
  #16  
Old January 14th, 2003, 02:13 PM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Hi all!

I did that as well and guess what......it still doesn't work!
I don't know what's wrong...


does anyone have ANY idea why the code isn't working???
Thanx

Reply With Quote
  #17  
Old January 14th, 2003, 06:39 PM
FrankieShakes FrankieShakes is offline
Frank The Tank!
Dev Articles Beginner (1000 - 1499 posts)
 
Join Date: Jun 2002
Location: Toronto, Canada
Posts: 1,240 FrankieShakes User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 18
Send a message via ICQ to FrankieShakes Send a message via MSN to FrankieShakes
Sara_lauren,

Are you receiving any error messages now? If not, take JPenn's advice, and remove the @ in front of your mysql query executions...
__________________
____________________________________________
Developer Shed Weekly Writer | DevArticles Forum Moderator
Build Your Own KlipFolio Klip With PHP
FrankManno.com - Under Construction
Design Interactive Group - Under Construction

Reply With Quote
  #18  
Old January 14th, 2003, 08:24 PM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
That's the problem....there r no error messages even though I took off all the @s. Is there something wrong with the code or could it be the configuration??

Reply With Quote
  #19  
Old January 14th, 2003, 09:28 PM
FrankieShakes FrankieShakes is offline
Frank The Tank!
Dev Articles Beginner (1000 - 1499 posts)
 
Join Date: Jun 2002
Location: Toronto, Canada
Posts: 1,240 FrankieShakes User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 18
Send a message via ICQ to FrankieShakes Send a message via MSN to FrankieShakes
Here's a suggestion... For debugging purposes, take out the lines where you have the header() commands, and use output debug statements:

PHP Code:
if ( (!$_POST[username]) || (!$_POST[password]) ) { 
  
//header("Location: [url]http://localhost/show_login.html[/url]");
  
echo("Form Not completed");
  exit();
}

$db_name "testDB";
$table_name "auth_users";

$connection = @mysql_connect("localhost""root""") or die(mysql_error());

$db = @mysql_select_db($db_name$connection) or die(mysql_error());

$sql "SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = password('$_POST[password]')";

$result = @mysql_query($sql,$connection) or die(mysql_error());

$num mysql_num_rows($result);

if (
$num != 0) {
  
$msg "<P>Congratulations, you're authorized!</p>";
} else {
  
//header("Location: [url]http://localhost/show_login.html[/url]");
  
echo("Not authorized");
  exit();



I'm wondering if there may be a problem somewhere in your if/else blocks.... Try that out, and let me know which message is displayed.

Reply With Quote
  #20  
Old January 15th, 2003, 12:40 AM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Smile

Hi all!!

I solved it!! I was writing
if ($num != 0)
instead of
if ($num =! 0)
and it's working now!!

But it's still not working properly....it allows me to go to login with ANY name and password even if it's not in the tables
How do I make sure that BOTH the username and coressponding password are correct??

Reply With Quote
  #21  
Old January 16th, 2003, 07:38 AM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Unhappy PLEASE help

Hi All! Hey FrankieShakes!

I tried out ur code and it gives me this error message:
Not authorized

I'm so confused!
When I put in $num != 0 it doesn't work on even the correct usernames and passwords but when I put in $num =! 0 it works on any usernames and passwords(even if they're not correct!!)

I'm at my wit's end here.I can't find the problem in the code.Please help me out people!

Reply With Quote
  #22  
Old January 16th, 2003, 07:46 AM
vlasblom vlasblom is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Oct 2002
Location: Netherlands
Posts: 14 vlasblom User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 8 m 45 sec
Reputation Power: 0
Exclamation

sara_lauren,


Quote:
I solved it!! I was writing
if ($num != 0)
instead of
if ($num =! 0)
and it's working now!!

By writing your comparisment this way it will always pass.

What is happening is priority in execution.
First, will the value '!0' be assigned to '$num', which in turn is evaluated for the 'if-statement' and always pass, because

!0 == 1

Change the evaluation statement back to the original statement or write

if( $num > 0 )

instead.

I think you should concentrate upon the values stored in the database for user and password.
A possible cause could be that the password entered by the user on the form is plain text, while the password stored in the database is encoded (e.g. md5).

regards,

Last edited by vlasblom : January 16th, 2003 at 07:54 AM.

Reply With Quote
  #23  
Old January 16th, 2003, 09:31 PM
ramz ramz is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: Juiz de Fora - MG- Brazil
Posts: 93 ramz User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Send a message via ICQ to ramz Send a message via MSN to ramz
Solve the problem

Put this line as the 1st line of your code:

ob_start();

And put this one as the last one:

ob_flush();
__________________
Regards,
Ramiro Varandas Jr.

Reply With Quote
  #24  
Old January 17th, 2003, 11:39 AM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Smile

Oh my God!Thank u so much vlasblom!

I changed my login form so that when the password is entered it's sent as 'text' instead of stars.And it worked!
I haven't tried ur suggestion yet ramz but I don't think I'll need to now.
Is there anyway that I can send the password as text and still not show it as text when it's filled in the form?

Thanx people!U really saved me!

Reply With Quote
  #25  
Old January 17th, 2003, 08:30 PM
ramz ramz is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: Juiz de Fora - MG- Brazil
Posts: 93 ramz User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Send a message via ICQ to ramz Send a message via MSN to ramz
Look Sara, when you put a field in your form to act as a password field, you put like this:

<input type="password" name="field_name">

When PHP receive this value, it receives it as text, this is so true that if you do:

<?=$field_name;?>

Will print the password as text on the screen.
But if you want to use:

<input type="text" name="field_name">

As your password field and not show the password, I think that you could use JavaScript, so I've created a function that will change the typed character for another one that you can pick (to pick them, change the JavaScript lines where is writen "Change This Line 1" and "Change This Line 2" to the character you want, in the case of my test I used #).

------- Put this JavaScript at your HTML Header Code -----------

<script language="JavaScript">
var final_string;
final_string = "";
function dontShow() {
var typed_value, found_char, string_size, last_char, i, response_string;
response_string = "";
// Change the line below to your form name and field name
typed_value = document.myForm.field_name.value;
found_char = typed_value.indexOf("#"); // Change This Line 1
if(found_char != -1) {
string_size = typed_value.length;
string_size = string_size - 1;
last_char = typed_value.substring(string_size,1);
} else {
string_size = typed_value.length;
string_size = string_size - 1;
last_char = typed_value;
}
final_string += last_char;
string_size = string_size + 1;
for(i = 0; i < string_size; i++) {
response_string += "#"; // Change This Line 2
}
// Change the line below to your form name and field name
document.myForm.field_name.value = response_string;
return true;
}
</script>

------ To use this function in your HTML, take a look below -------

<form name="myForm" method="post" action="">
<input type="text" name="field_name" onKeyUp="dontShow();">
<input type="submit" value="Submit">
</form>


I don't know if it's this what you're looking for, but I hope that this helps.

Reply With Quote
  #26  
Old January 18th, 2003, 11:35 AM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Hi all! Hi ramz!
Do u know how to do it without any javascript?As in using only php?I don't think my supervisor wants me to use any other languages.
Thanx anyway

Reply With Quote
  #27  
Old January 18th, 2003, 02:22 PM
FrankieShakes FrankieShakes is offline
Frank The Tank!
Dev Articles Beginner (1000 - 1499 posts)
 
Join Date: Jun 2002
Location: Toronto, Canada
Posts: 1,240 FrankieShakes User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 18
Send a message via ICQ to FrankieShakes Send a message via MSN to FrankieShakes
Sara_lauren,

How are you storing the passwords in the database? Are you using the MD5 or the Password method?

What you need to do is ensure that you're comparing the password the user enters in the form to the password that is stored in the database, using the same algorithm; otherwise, you will never have an authorized login.

Here's an example, assuming MD5 is being used:
PHP Code:
 $password MD5($_POST['password']);
.
.
.
$sql "SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = $password"


As I said, make sure you're converting the password in the same manner for storing and verifying. What script are you using to store user information?

Reply With Quote
  #28  
Old January 18th, 2003, 06:11 PM
ramz ramz is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: Juiz de Fora - MG- Brazil
Posts: 93 ramz User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Send a message via ICQ to ramz Send a message via MSN to ramz
Hum... now it's getting hard...

Hi Sara.
Hum, doing that without using JavaScript will be dificult, because you want to use a normal text field for the user to type a password and not to show the typed password. JavaScript and vbScript would be the only languages to perform a live action on the client side, with PHP would be impossible, because PHP is server-side.

Reply With Quote
  #29  
Old January 19th, 2003, 11:35 AM
sara_lauren sara_lauren is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: UK
Posts: 32 sara_lauren User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Hi all!
Ok basically I'm storing the passwords in the mysql table as plain text...what can I do then?

Reply With Quote
  #30  
Old January 19th, 2003, 04:17 PM
ramz ramz is offline
Contributing User
Dev Articles Newbie (0 - 499 posts)
 
Join Date: Jan 2003
Location: Juiz de Fora - MG- Brazil
Posts: 93 ramz User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 16
Send a message via ICQ to ramz Send a message via MSN to ramz
How to store passwords in MySQL

Hi Sara.
You can store passwords in MySQL in a more secure way.
To do that, when you insert the password at MySQL, use the command PASSWORD(''), like in the example below:

INSERT INTO table (pass_field) VALUES (PASSWORD('$pass_field'));

This will make the password to be stored in an encrypted way, so that when you make a select, just use this:

SELECT * FROM table WHERE pass_field = PASSWORD('$pass_field');

Using this makes your data more secure and unreadable by humans.

Reply With Quote
Reply

Viewing: Dev Articles Community ForumsProgrammingGeneral Programming Help > Login page help


Developer Shed Advertisers and Affiliates


Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 


Powered by: vBulletin Version 3.0.5
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.

© 2003-2018 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap