Php help needed!! its urgent!! Please giv me a proper soln!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
kingmaker
Forum Newbie
Posts: 6
Joined: Tue Jun 02, 2009 7:24 am

Php help needed!! its urgent!! Please giv me a proper soln!

Post by kingmaker »

Hii...!
i am designing a site.I created users registration and login forms and also created users database!
While i checkd the form whether its working or not.. the informations from the form is properly sent its show no sql or php error. while i checked my database the Form data is not updated..! the following is the simple code of my form:

Code: Select all

 
Name--> reg.php
 
<form action="process.php" method="post">
 
<table width="80%" border="0">
<tr>
<td><b>First Name *&nbsp;</b> <br><br></td>
<td><input type="text" name="fname"><br><br></td>
</tr>
<tr>
<td><b>Last  Name *&nbsp;</b> <br><br></td>
<td><input type="text" name="lname"><br><br></td>
</tr>
<tr>
<td><b>Username *&nbsp;</b> <br><br></td>
<td><input type="text" name="username"><br><br></td>
</tr>
<tr>
<td><b>Password *&nbsp;</b> <br><br></td>
<td><input type="password" name="pass"><br><p>minimum 6 charectors. "_ - . " are allowed</p></td>
</tr>
<tr>
<td><b>Re-type *&nbsp;</b> <br><br></td>
<td><input type="password" name="pass2"><br></td>
</tr>
<tr>
<tr>
<td><b>Email &nbsp;</b> <br><br></td>
<td><input type="text" name="email"><br><br></td>
</tr>
<tr>
<td><b>Phone &nbsp;</b> <br><br></td>
<td><input type="text" name="phone"><br><br></td>
</tr>
<--- etc including country, address, date of birth -->
<td>
<input type=submit value=submit>
<br><br>
<input type=reset value=reset></td>
</tr>
</form>
 
 
For --> process.php

Code: Select all

 
 
<?php
 
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$username=$_POST['username'];
$password=$_POST['pass];
$email=$_POST['email'];
$address=$_POST['address'];
$city=$_POST['city'];
$state=$_POST['state'];
$country=$_POST['country'];
$phone=$_POST['phone'];
 
 
mysql_connect("localhost", "mydatabase", "(mypassword)") or die(mysql_error());
mysql_select_db("202457") or die(mysql_error());
mysql_query("INSERT INTO `forms` VALUES ('$fname', '$lname', '$email', '$address', '$city', '$state', '$phone','$country','$username,'$password')");
Print "Your information has been successfully added to the database. please click back to Home";
?> 
 
Then i created database for it..

Code: Select all

 
CREATE TABLE `forms` (
`fname` VARCHAR( 255 ) NOT NULL ,
`lname` VARCHAR( 255 ) NULL ,
`address` VARCHAR( 255 ) NULL ,
`city` VARCHAR( 255 ) NULL ,
`state` VARCHAR( 255 ) NULL ,
`phone` VARCHAR( 255 ) NULL ,
`email` MEDIUMINT( 255 ) NOT NULL ,
`country` VARCHAR( 255 ) NULL 
) ENGINE = MYISAM 
 
The form processing and sents the informations. but it wont update in my database
and cant process during login
My login code is:

Code: Select all

 
<?php
// Connects to your Database
mysql_connect("localhost", "my database", "my password") or die(mysql_error());
mysql_select_db("my database") or die(mysql_error());
 
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
 
//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM forms WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: members.php");
 
}
}
}
 
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
 
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database
 
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM forms WHERE username = '".$_POST['username']."'")or die(mysql_error());
 
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=reg.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);
 
 
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
 
else
{
 
// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
 
//then redirect them to the members area
header("Location: members.php");
}
}
}
else
{
// if they are not logged in
header("Location: reg.php");
 
}
?>
 
If my code is wrong please giv me full code with above informations.. please reply me to my email
ikingmaker@ymail.com and also reply here!! Send the code soon to mu email!! please its urgent
[/b]
mattpointblank
Forum Contributor
Posts: 304
Joined: Tue Dec 23, 2008 6:29 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by mattpointblank »

You don't see any SQL errors because you didn't tell php to show you them. In your process.php file, change your INSERT query to look like this:

Code: Select all

 
$query = "INSERT INTO `forms` VALUES ('$fname', '$lname', '$email', '$address', '$city', '$state', '$phone', '$country', '$username', '$password')";
mysql_query($query) or die("Error: " . mysql_error() . "<br />" . $query );
 
This will show an error if the query fails, and you can see the query that was sent to the server. This should help you debug.

EDIT: Looks like you missed a single quote mark after $username which won't have helped either - it's fixed in my code above.
mattpointblank
Forum Contributor
Posts: 304
Joined: Tue Dec 23, 2008 6:29 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by mattpointblank »

In reply to your email to me ("But what about login ? its shows Invalid password!") - this is probably because there aren't any records in your database if they're not inserting properly. Make sure the rows are there first before you try to log in.
mattpointblank
Forum Contributor
Posts: 304
Joined: Tue Dec 23, 2008 6:29 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by mattpointblank »

Kingmaker, please post your replies here rather than emailing me - then other people can learn from the problem/solution:

Kingmaker's email:

"No frnd it is there! just see sql script in my post, and also tell me y the password script save in some other code? For example: the real password is "123456" but in my database it shows "594f803b380a41396ed63dca39503542"
Explain me pls!"

Your password is being encrypted using the md5() function on this part:

$_POST['pass'] = md5($_POST['pass']);

This means that in your database, it's stored in encrypted form for security. When a user logs in, the line above converts their password to md5 and compares it to the one in the database. When you add a new user to your site, you need to make sure the password that gets saved in the database also has the md5() function applied to it, so when they try to login, it compares correctly.
kingmaker
Forum Newbie
Posts: 6
Joined: Tue Jun 02, 2009 7:24 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by kingmaker »

Can't i save there passwords without encrypt??
mattpointblank
Forum Contributor
Posts: 304
Joined: Tue Dec 23, 2008 6:29 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by mattpointblank »

You can, but you shouldn't - it's a big security hole to store user password without encryption. If anyone ever got access to your database, they could do a lot of damage using your users' passwords.
kingmaker
Forum Newbie
Posts: 6
Joined: Tue Jun 02, 2009 7:24 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by kingmaker »

ok! how can i decrypt and show the password of users when they forgot thier password?
mattpointblank
Forum Contributor
Posts: 304
Joined: Tue Dec 23, 2008 6:29 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by mattpointblank »

That's the hard part. It's generally better to use one way encryption, eg, something you can't (easily) decrypt into its plaintext. The best option for forgetting password is to generate a temporary password for the user and reset their password to this value, then email them the new password to ensure only they can access it. They can change it when they log back in.

This method of storing/retrieving passwords is the most commonly used one. Some sites store passwords in plaintext and attract a lot of criticism when this is discovered.
kingmaker
Forum Newbie
Posts: 6
Joined: Tue Jun 02, 2009 7:24 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by kingmaker »

brother! can you tell me the script how to convert password in encrypt one(as you told about md5()) and save in database! It is difficult to me! :cry:
mattpointblank
Forum Contributor
Posts: 304
Joined: Tue Dec 23, 2008 6:29 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by mattpointblank »

Before you insert the data to your table, just run the md5() function on the password.

Code: Select all

 
$password = md5($password);
mysql_query("INSERT INTO `forms` VALUES ('$fname', '$lname', '$email', '$address', '$city', '$state', '$phone','$country','$username','$password')");
 
User avatar
mikemike
Forum Contributor
Posts: 355
Joined: Sun May 24, 2009 5:37 pm
Location: Chester, UK

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by mikemike »

He's alreaqdy told you, simply use the md5 function: http://php.net/md5
kingmaker
Forum Newbie
Posts: 6
Joined: Tue Jun 02, 2009 7:24 am

Re: Php help needed!! its urgent!! Please giv me a proper soln!

Post by kingmaker »

I want a comment script in my site.. When user visited they can leave a comment in my site.. any script for that??
Post Reply