login validation

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mainakvn
Forum Newbie
Posts: 2
Joined: Tue Mar 23, 2010 4:56 am

login validation

Post by mainakvn »

can anyone tell me why the test bolded below is not working can anyone help!!!!
<?php
include("config.php");
?>
<?php
//retrieve data from POST
$username = $_POST['username'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
if($pass1 != $pass2)
{
header('Location: register.php');
}
elseif(strlen($username) > 30){
header('Location: register.php');
}
else{
$hash = sha1($pass1);
function createSalt()
{
$string = md5(uniqid(rand(),true));
return substr($string, 0, 3);
}
$salt = createSalt();

$hash = sha1($salt . $hash);
$conn = mysql_connect($dbhost, $dbuser, $dbpassword);
//if(!$conn){echo "Error in connection";}
//else{echo "connection successful";}
mysql_select_db($dbname, $conn);

//sanitize username
$username = mysql_real_escape_string($username);

$query = "INSERT INTO users (username, password, salt) VALUES('$username', '$hash', '$salt');";
mysql_query($query);

//make sure was inserted successifully
//if(!mysql_insert_id())
//{
//die("Error: user not added to database");
//}
//else {echo "successiful register";}
Header('Location: register.php');
mysql_close();
}
mhdryz
Forum Newbie
Posts: 2
Joined: Mon Oct 05, 2009 10:54 am

Re: login validation

Post by mhdryz »

what type of method you are using for sending data? post or get method?

after that display $pass1 and $pass2.

echo $_REQUEST["pass1"];

echo $_REQUEST["pass2"];
mainakvn
Forum Newbie
Posts: 2
Joined: Tue Mar 23, 2010 4:56 am

Re: login validation

Post by mainakvn »

Am using post
User avatar
flying_circus
Forum Regular
Posts: 732
Joined: Wed Mar 05, 2008 10:23 pm
Location: Sunriver, OR

Re: login validation

Post by flying_circus »

mainakvn wrote:can anyone tell me why the test bolded below is not working can anyone help!!!!
You'll need to post your HTML form that was used to get to this page. Asking why a comparison operator doesnt behave the way you expect, tells me that there is a problem with the way you are handling input.

Code: Select all

<?php
include("config.php");
?>
<?php
# Verify we arrived here through a POST
  if(isset($_SERVER['REQUEST_METHOD']) && mb_strtolower($_SERVER['REQUEST_METHOD']) == "post") {
  # Retrieve data from POST
    $username = (isset($_POST['username'])) ? $_POST['username'] : '';
    $pass1 = (isset($_POST['pass1'])) ? $_POST['pass1'] : '';
    $pass2 = (isset($_POST['pass2'])) ? $_POST['pass2'] : '';
    
  # Validation
    if($pass1 != $pass2) {
      header('Location: register.php');
      exit();
    }
    
    if(strlen($username) > 30){
      header('Location: register.php');
      exit();
    }
    
  # Prepare Data
    $salt = substr(md5(uniqid(rand(),true)), 0, 3);
    $hash = sha1($salt . sha1($pass1));
    
  # Connect to the database
    $conn = mysql_connect($dbhost, $dbuser, $dbpassword);
    mysql_select_db($dbname, $conn);
 
  # Sanitize username
    $username = mysql_real_escape_string($username);
    
  # Execute Query
    $query = "INSERT INTO `users` (`username`, `password`, `salt`) VALUES ('$username', '$hash', '$salt');";
    mysql_query($query);
    
  # Close Database Connection
    mysql_close();
    
  # Redirect
    header('Location: register.php');
    exit();
  }
?>
Post Reply