Page 1 of 1

password setting and verification with PHP?

Posted: Mon May 26, 2008 4:16 pm
by josh22x
Ok, I am having trouble visualizing how to perform this...

What I want to do is set my site so that users have to login on a certain page with a password. I want them to be able to set that password, have that saved to the database, and then next time they log in, that password can be used. I assume that I could do this with a comparison statement of some sort and have a unique id in my table that would correspond to that user. How would I go about doing this? Could someone give me an example of the way the code would be arranged?

Thanks!

Re: password setting and verification with PHP?

Posted: Mon May 26, 2008 5:41 pm
by whiterabbit
In order to store a password in your database, you should use the md5() function. This is both a PHP and MySQL function. So, when a user initially signs up for an account, you would want to store the md5() value of the password in the database associated with that user's userid. Then, when the user comes back to the site and has to log back in, you would compare the md5() value of the password they typed into the login form with the value from the database since it is already stored encrypted. If they match, then they typed in the same password, if they don't match, they typed it in wrong.

Hope that helps.

Re: password setting and verification with PHP?

Posted: Mon May 26, 2008 9:24 pm
by josh22x
Yes, that does help. However, could you give me an idea of how I would set up the code for that? I assume it would be something like:

if username = password with id of user_id

execute

Code: Select all

Is my logic correct or am I leaving something out?

Re: password setting and verification with PHP?

Posted: Tue May 27, 2008 2:22 am
by Conect - Dev
First of all i'll assume that :
1 - you are using PHP 5 with mysql 4 or greater .
2 - you have some knowledge about HTML , PHP , Mysql .

So lets start :)

we have 3 pages :

1 - login.php // to allow users enter their Username & pass word .
2 - check.php // to check the username and password and create session .
3 - hello.php // the page requires Permissions to get viewed .

The Data base side has a table with 3 columns :

1 - Username column(Field) .
2 - Password column(Field) .
3 - UserID column(Field) .

This is a form for login.php which contains username & pass word text area :

Code: Select all

<form method="POST" action="check.php">
 <p align="left">
  Username :<input name="T1" size="20" style="float: left"></p>
  <p>&nbsp;</p>
  <p align="left">Password :</p>
  <p><input name="T2" size="20" style="float: left"></p>
  <p align="left">&nbsp;</p>
  <p align="left"><input type="submit" value="Submit" name="B1"><input type="reset" value="Reset" name="B2"></p>
  <p>&nbsp;</p>
</form>
now lets assume the user enters his username and password . . . .

so we have to get them in the check.php page and compare them with the saved username and pass word in the Database .

we will use
$_post['T1'];
to get the entered username
and
$_post['T2'];
to get the entered password .

so in the check.php put this code :

Code: Select all

 
$Entered_username = $_POST['T1'];
$Entered_password = $_POST['T2'];
 
Then we will Create a Mysql Connection to get the stored usernames and password using this code :

Code: Select all

// Establish a connection with Mysql DataBase
 
mysql_connect ('localhost','root',''); // DataBase Username = root & Database password = Nothing
 
mysql_select_db('users'); // Our database name = users 
 
// Establish a connection with Mysql DataBase
now we have the entered username and password and we r connected to the Mysql database .

to get the usernames and password we use this SQL query :

Code: Select all

$query = "Select * from users";
$result = mysql_query($query);
Then we will go throw usernames and passwords we got from the database (stored in $result)
& compare them with our entered username & pass word using this code :

Code: Select all

while ($row = mysql_fetch_array($result))
{
    extrat($row);
    if ($Entered_password == $Username && $Entered_password == $Password )
    {
        session_start();
        echo "<a href=hello.php>Loged in Successfully Press Here to go to the next page</a>";
    }
}
 
if (!session_start())
{
    echo "Username or Password is incorrect press back button and try again later";
}
now it's all done just we need to check if the user is loged in or no when he want to enter hello.php page we will do it using this code :

Code: Select all

 
if (!session_start())
{
    echo "Username or Password is incorrect press back button and try again later";
}
// Get The username & passwords
 
// Check
 
if (session_start())
{
    echo "Welcome :D";
}
else
{
    echo "Please login using this page : login.php";
}
Hope i helped u enough :)

sorry for my bad language <<< English is not my mother tongue :) .

Best Wishes
Tarek Nagi
http://www.tareknagi.com
Conect - Dev Team