Cut down word and Password encryption...

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
partiallynothing
Forum Commoner
Posts: 61
Joined: Fri Nov 21, 2003 5:02 pm
Location: connecticut, usa

Cut down word and Password encryption...

Post by partiallynothing »

I want to know if there is any way I can assign a variable as something, like

Code: Select all

<?php
$var = var
?>
and then cut if down to just v. Essentially I want to extract the username, firstname, and lastname of a person from the database and be able to say: "The newest member [username] is Firstname L."

Along with that, I would like to add password encryption to my login and register script but I have no clue how to do it with the way I wrote the scripts.

Here is the register script:

Code: Select all

<?php
//include files
include('db.inc.php');

//check for post submission
if (isSet($_POST['submit'])) {

	//check that both fields have something in them
   if (empty($_POST['username']) || empty($_POST['password1']) || empty($_POST['password2']) || empty($_POST['firstname']) || empty($_POST['lastname']) || empty($_POST['email'])) {
        echo "<head><meta http-equiv=refresh content="2;
        URL=register.php"></head><b>You did not fill in all fields!</b><BR>Please wait.  You will be redirected in two seconds.";
        exit;
   }
   if (($_POST['password1']) != ($_POST['password2'])) {
   		echo "<head><meta http-equiv=refresh content="2;
        URL=register.php"></head><b>Your passwords do not match!</b><BR>Please wait.  You will be redirected in two seconds.";
        exit;
   }
	
      //mysql query
      $query = "SELECT * FROM users WHERE username ='{$_POST['username']}'";
      $result = mysql_query($query) or die(mysql_error());
	  
	  //check for username already in database
      if (mysql_num_rows($result) == "0" || mysql_num_rows($result) > 1) {
	  	
		//submit information
		$query = "INSERT INTO users VALUES ('', '{$_POST['username']}', '{$_POST['password1']}', '{$_POST['firstname']}', '{$_POST['lastname']}', '{$_POST['email']}', '00-00-0000', '00-00-0000', '1', '1', '1', '1', '1')";
	    $result = mysql_query($query) or die(mysql_error());
		
		//display confirmation and redirect
        echo "<head><meta http-equiv=refresh content="2;
        URL=index.php"></head><b>Registration Successful!</b><BR>Please wait.  You will be redirected in two seconds.";
	
	} else {
		echo "<head><meta http-equiv=refresh content="2;
        URL=register.php"></head><b>Username Already Taken!</b><BR>Please wait.  You will be redirected in two seconds.";
		exit;
		}

} else {

//print login forum
echo <<< FORM

<style type="text/css"> .style9 {font-family: Verdana; font-size: 10px; color: #333333; } </style>
<form action="{$_SERVER['PHP_SELF']}" method="post">
   <table align="center" border="0" cellspacing="0" cellpadding="3">
      <tr>
         <td><span class="style9">Desired Username:</span></td>
         <td><input type="text" name="username" maxlength="40"></td>
      </tr>
	  <tr>
         <td><span class="style9">Password:</span></td>
         <td><input type="password" name="password1" maxlength="40"></td>
      </tr>
	  <tr>
         <td><span class="style9">Confirm Password:</span></td>
         <td><input type="password" name="password2" maxlength="40"></td>
      </tr>
      <tr>
         <td><span class="style9">First Name:</span></td>
         <td><input type="test" name="firstname" maxlength="50"></td>
      </tr>
	  <tr>
         <td><span class="style9">Last Name:</span></td>
         <td><input type="test" name="lastname" maxlength="50"></td>
      </tr>
	  <tr>
         <td><span class="style9">E-mail Address:</span></td>
         <td><input type="test" name="email" maxlength="50"></td>
      </tr>
      <tr>
         <td colspan="2" align="center"><input type="submit" name="submit" value="Register">
         <input type="hidden" name="submit" value="submitted" /></td>
      </tr>
   </table>
</form>
FORM;
?>
And my login script is:

Code: Select all

<?php
//include files
include('db.inc.php');

//check for post submission
if(isSet($_POST['submit'])) {

//check that both fields have something in them
   if(empty($_POST['username']) || empty($_POST['password'])) {
          echo "<head><meta http-equiv=refresh content="2;
        URL=index.php"></head><b>Login Invalid</b><BR>Please wait.  You will be redirected in two seconds.";
      exit;
   }

	//mysql query
   $query = "SELECT * FROM users WHERE username ='{$_POST['username']}' AND password = '{$_POST['password']}'";
   $result = mysql_query($query) or die(mysql_error());
	  
	  //check for results
      if(mysql_num_rows($result) == "0" || mysql_num_rows($result) > 1) {
                 echo "<head><meta http-equiv=refresh content="2;
        URL=index.php"></head><b>Login Invalid</b><BR>Please wait.  You will be redirected in two seconds.";
      
	  //define session variables
	  } else {
	    $row = mysql_fetch_row($result);
        $_SESSION['auth'] = "1";
		$_SESSION['id'] = $row['0'];
        $_SESSION['username'] = $row['1'];
        $_SESSION['password'] = $row['2'];
		$_SESSION['firstname'] = $row['3'];
		$_SESSION['lastname'] = $row['4'];
        $_SESSION['email'] = $row['5'];
		$_SESSION['dateofbirth'] = $row['6'];
		$_SESSION['datecreated'] = $row['7'];
		$_SESSION['userlevel'] = $row['8'];
        $_SESSION['pref_backcolor'] = $row['9'];
        $_SESSION['pref_top'] = $row['10'];
        $_SESSION['pref_middle'] = $row['11'];
		$_SESSION['pref_bottom'] = $row['12'];
        echo "<head><meta http-equiv=refresh content="2;
        URL=index1.php"></head><b>Login Successful!</b><BR>Please wait.  You will be redirected in two seconds.";
      }

} else {

//print login forum
echo <<< FORM

<style type="text/css">
<!--
.style9 {font-family: Verdana; font-size: 10px; color: #333333; }
-->
</style>

<form action="{$_SERVER['PHP_SELF']}" method="post">
   <table align="center" border="0" cellspacing="0" cellpadding="3">
      <tr>
         <td><span class="style9">Username:</span></td>
         <td><input type="text" name="username" maxlength="40"></td>
      </tr>
      <tr>
         <td><span class="style9">Password:</span></td>
         <td><input type="password" name="password" maxlength="50"></td>
      </tr>
      <tr>
         <td colspan="2" align="center"><input type="submit" name="submit" value="Signin">
         <input type="hidden" name="submit" value="submitted" /></td>
      </tr>
   </table>
</form>
FORM;
?>
Thanks for all and any help!
User avatar
uberpolak
Forum Contributor
Posts: 261
Joined: Thu Jan 02, 2003 10:37 am
Location: Next to the bar

Post by uberpolak »

Every element in a string variable is assigned a number, which can be accessed with square brackets.

So, if

Code: Select all

<?php
$var = 'var';
?>
Then

Code: Select all

<?php
$var[0] == 'v';
$var[1] == 'a';
$var[2] == 'r';
?>
So if you want to get just the first letter of a string, do this:

Code: Select all

<?php
echo $var[0];
?>
As for the passwords thing read "Sessions With A Minor In User Logins" in the Tutorials forum on this site. It's a bit of a lengthy read, but you should be able to find what you need there.
User avatar
partiallynothing
Forum Commoner
Posts: 61
Joined: Fri Nov 21, 2003 5:02 pm
Location: connecticut, usa

Still got a question...

Post by partiallynothing »

Thanks a lot, but I still have a question. How can I do that rigth after I get info from a database.

Code: Select all

<?php
echo "<b><u>N e w M e m b e r s</u></b><BR><BR>";
$query = "SELECT username, firstname, lastname FROM users ORDER BY id DESC LIMIT 0 , 4";
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
	echo "{$row['username']} - {$row['firstname']} {$row['lastname['0']']}<BR>"; }

?>
The above doesn't work. Is there another way?!
I also tried this:

Code: Select all

<?php
echo "<b><u>N e w M e m b e r s</u></b><BR><BR>";
$query = "SELECT username, firstname, lastname FROM users ORDER BY id DESC LIMIT 0 , 4";
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
	$row['lastname'] = $lastname;
	echo "{$row['username']} - {$row['firstname']} {$lastname['0']}<BR>"; }
?>
but it didn't work either.

Can anyone come up with anything?

Thanks!
User avatar
uberpolak
Forum Contributor
Posts: 261
Joined: Thu Jan 02, 2003 10:37 am
Location: Next to the bar

Post by uberpolak »

Code as if each string were an array.

Replace this:

Code: Select all

<?php
echo "{$row['username']} - {$row['firstname']} {$row['lastname['0']']}<BR>"; }
?>
With this:

Code: Select all

<?php
echo $row['username'] . ' - ' . $row['firstname'] . ' ' . $row['lastname'][0];
?>
That should get the effect you want.
Post Reply