Page 1 of 2

User registration

Posted: Wed Jul 16, 2008 12:02 am
by pritam79
Hi everyone,

I have a registration form, which gives error messages through alert boxes on wrong input. But every time there is a wrong input, on submission of the form, i am directed to the "do_register.php" page along with the alert box. The new page says "Connection successful Could not execute query".

What i want is that on clicking the submit button, if there are any wrong inputs, i want only the alert box with the message but on the same "register.php" page, so that i don't have to return back every time. Also the user can send the corrected inputs to the database.

This is "register.php"

Code: Select all

 
<?php
 include "header1.php";
 ?>
 <div id="content">
    <div id="left" style="left: 0px; top: 0px">
     <ul>
       <li>Email address :</li>
       <li>Preferred username :</li>
       <li>Password :</li>
       <li>Confirm password :</li>
     </ul>
    </div>
    <div id="right">
     <p style="left: -1px; top: 0px"><font size="4.5px">REGISTER</font></p>
     <form action="do_register.php">
     <input type="text" size="20" name="email"><br><br>
     <input type="text" size="20" name="username"> (max 16 chars)<br><br>
     <input type="password" size="20" name="passwd"> (6 to 16 chars)<br><br>
     <input type="password" size="20" name="passwd2"><br><br>
     <input type="submit" name="Submit" value="submit">
     <input type="reset" name="Reset" value="reset">
     </form>
     </div>
 </div>
 <?php
 include "footer.php";
 ?>
And this is "do_register.php"

Code: Select all

 
<?php
include "header1.php";
?>  
<div id="content">
<?php  
  //include function files for this application
  require("PDMS_fns.php");
 
  // start session which may be needed later
  // start it now because it must go before headers
  session_start();
 
  // email address not valid
  if (!valid_email($email))
  {
    print("<script language = 'javascript'>alert('Not a valid email address');</script>");
    exit();
  }
 
  // check username length
   if(($username == "" ) || strlen($username)>16)
   {
    print("<script language = 'javascript'>alert('Username must be from 1 to 16 characters');</script>");
    exit();
  }
 
  // passwords not same
   if($passwd != $passwd2)
   {
    print("<script language = 'javascript'>alert('Passwords donot match');</script>");
    exit();
   }
   
// check password length is ok
// ok if username truncates, but passwords will get munged if they are too long.
 
if (strlen($passwd)<6 || strlen($passwd) >16)
   {
    print("<script language = 'javascript'>alert('Password must be between 6 to 16 characters');</script>");
    exit();
   }
   
// attempt to register
 $reg_result = register($username, $email, $passwd);
 if($reg_result == "true")
  {
   // register session variable
   $valid_user = $username;
   session_register("valid_user");
   
   // provide link to members page
   
   echo "You have been registered as $valid_user -go to members page and start";
   
   }
  else
  {
   // otherwise, provide link back,  tell them to try again
   echo $reg_result;
   exit();
  }
?>  
</div>  
<?php
include "footer.php";
?>

Re: User registration

Posted: Wed Jul 16, 2008 5:00 am
by bouncer
hi pritam79.

Code: Select all

 
if($passwd != $passwd2)
 
first of all i notice that you are comparing two string with '!=', i think this isnt the best way to do it. use this instead,

Code: Select all

 
if(strcmp($passwd, $passwd2) == 0)
 
this must be the reason for the alert message. but i recommend that you create a javascript function in "register.php", something like this,

Code: Select all

 
<script language="javascript">
function validate_form() {
 
    if ( document.your_form_name.username.length == 0 || document.your_form_name.username.length > 16 ) {
        alert ( 'Username must be from 1 to 16 characters' );
        return false;
    }
 
//(...) other validations
 
}
</script>
 
and then in here you do,

Code: Select all

 
<form action="do_register.php" onSubmit="validate_form();">
 
and you dont have to do those validations inside the "do_register.php" script.

Re: User registration

Posted: Wed Jul 16, 2008 8:50 am
by pritam79
Thanks a lot bouncer, things are working fine now. But the password comparison you have suggested " if(strcmp($passwd, $passwd2) == 0) " is not workin. Will this go into the javascript as well? In that case what about the dollar $ sign before the variables? Also i would like to know if it is possible to validate the email address in the javascript itself before sending it to the server? I have used ereg in "do_register.php" to do so. Can this be done using javascript in " register.php" ?

Re: User registration

Posted: Wed Jul 16, 2008 9:09 am
by bouncer
pritam79 wrote:Thanks a lot bouncer, everything is working fine now. But is it possible to validate the email address in the javascript itself before sending it to the server? I have used ereg in "do_register.php" to do so. Can this be done using javascript?
yes, is possible.

you can try this one,

Code: Select all

 
function validate_email() {
   var email = document.getElementById(’email_field’);
   var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
 
   if (!filter.test(email.value)) {
      alert(’Please provide a valid email address’);
   
   email.focus
   return false;
}
 
how to use,

Code: Select all

 
<input type="text" size="20" name="email" id="email_field" onblur="validate_email()">
 
But the password comparison you have suggested " if(strcmp($passwd, $passwd2) == 0) " is not workin. Will this go into the javascript as well?
you can compare the two field in javascript as well, in validate_form() function add this,

Code: Select all

 
if(passwd == passwd2) {
   alert("Retyped, password did not match)";
   return false;
}
 
now you dont need that compare in the 2do_register.php" script, because you are validating all the field before sending the info to server.

regards

Re: User registration

Posted: Wed Jul 16, 2008 9:49 am
by Stryks
I understand the logic behind what you are saying, and a javascript validation layer when done right can be a beautiful thing, but seriously ...
bouncer wrote: now you dont need that compare in the 2do_register.php" script, because you are validating all the field before sending the info to server.
Horrible advice, no disrespect intended.

You've just made a form that allows a single email to be entered if a user has javascript disabled (or turned off for this purpose).

ALWAYS do FULL checking server side and consider ALL client side validation as simply window dressing. You cannot trust that javascript is enabled, or returning what you expect.

Also, you're using javascript .... why are you posting the form to a server side script which then outputs alerts. Shouldn't the alerts come BEFORE the submit?

Re: User registration

Posted: Wed Jul 16, 2008 10:14 am
by Stryks
Oh ... another thing, try not to use globals to access your $_POST or $_GET data (form or url arguments).

When you're trying to get form data, always go for ...

Code: Select all

echo $_POST['email'];
// not
echo $email;
 
While it may work (in your current server environment at least) it's not considered good practice, and as such is often not available on production servers.

Oh ... and try

Code: Select all

if($_POST['passwd'] !== $_POST['$passwd2'])
Cheers

Re: User registration

Posted: Wed Jul 16, 2008 11:46 am
by bouncer
Stryks wrote:I understand the logic behind what you are saying, and a javascript validation layer when done right can be a beautiful thing, but seriously ...
bouncer wrote: now you dont need that compare in the 2do_register.php" script, because you are validating all the field before sending the info to server.
Horrible advice, no disrespect intended.

You've just made a form that allows a single email to be entered if a user has javascript disabled (or turned off for this purpose).

ALWAYS do FULL checking server side and consider ALL client side validation as simply window dressing. You cannot trust that javascript is enabled, or returning what you expect.

Also, you're using javascript .... why are you posting the form to a server side script which then outputs alerts. Shouldn't the alerts come BEFORE the submit?
we are always learning ... i'm still learning, i take seriously, all comments to my posts with them i can learn alot. so fell free to comment any of my posts that i appreciate, whenever i'm wrong or less wrong. :D

regards

Re: User registration

Posted: Thu Jul 17, 2008 12:39 am
by pritam79
Stryks wrote: ALWAYS do FULL checking server side and consider ALL client side validation as simply window dressing.
Would not that mean extra overhead on the server? And what do you mean by window dressing?

stryks wrote: Also, you're using javascript .... why are you posting the form to a server side script which then outputs alerts. Shouldn't the alerts come BEFORE the submit?
Do i need to change onsubmit to onclick?

I dont get as to what changes I should make to both the scripts. Should I not use javascript at all in "register.php" for validation and include all the checking in "do_register.php" as i did earlier? Please help.

Re: User registration

Posted: Thu Jul 17, 2008 1:09 am
by Stryks
I would consider data validation and error handling one of the core reasons for using a server side scripting language in the first place. You put a form out there with the knowledge that no matter what you put in place, YOU CANNOT TRUST DATA FROM THE CLIENT SIDE.

Before client side data comes anywhere near your site (especially database) you really need to check that the data is what is expected. Then you either redisplay the form with an error and allow the user to fix, or it passes validation and you can feel (relatively) safe to process the information.

The javascript should usually just be considered something that is there for the user, not for the developer. If the user can have javascript tell them that the form is incorrect before they submit, then it saves them wait for a page reload (which WOULD save server load) and can make the site seem more professional.

But as I said above, you just cannot predict if the data you are getting has been validated by your javascript or not. As such, you really should assume it is not and perform data validation on the back end with PHP.

What I recommend, is that you build a validation procedure using PHP only first, and then come back and add the javascript layer afterwards.

But more on topic, all the validation javascript should be on register.php and not do_register.php. And as per a previous thread of yours that I responded to, you should consider having the form post to itself ... it makes re-displaying the form much easier and keeps all the display and process code together.

Cheers

Re: User registration

Posted: Thu Jul 17, 2008 1:24 am
by Stryks
Sorry, I'm sounding hypercritical here. I'm right in the middle of securing one of my biggest apps, so I'm taking security very seriously .... as I should have done from the start.

What I think bouncer was suggesting is something like ...

Code: Select all

<?php
 include "header1.php";
 ?>
 
<script language="javascript">
function validate_form() {
 
    if ( document.your_form_name.username.length == 0 || document.your_form_name.username.length > 16 ) {
        alert ( 'Username must be from 1 to 16 characters' );
        return false;
    }
 
//(...) other validations
 
}
</script>
 
 
 <div id="content">
    <div id="left" style="left: 0px; top: 0px">
     <ul>
       <li>Email address :</li>
       <li>Preferred username :</li>
       <li>Password :</li>
       <li>Confirm password :</li>
     </ul>
    </div>
    <div id="right">
     <p style="left: -1px; top: 0px"><font size="4.5px">REGISTER</font></p>
     <form action="do_register.php" onsubmit="validate_form();">
     <input type="text" size="20" name="email"><br><br>
     <input type="text" size="20" name="username"> (max 16 chars)<br><br>
     <input type="password" size="20" name="passwd"> (6 to 16 chars)<br><br>
     <input type="password" size="20" name="passwd2"><br><br>
     <input type="submit" name="Submit" value="submit">
     <input type="reset" name="Reset" value="reset">
     </form>
     </div>
 </div>
 <?php
 include "footer.php";
 ?>
 
Though I'd be happier to see that javascript in the head tags, but that risks making your header less portable.

But take a look at the link I dropped in your other post to see an example of single page PHP form processing with redisplay on error. If you added this javascript layer to it, the user would be promped before submission of errors, but users with no javascript or people trying to bypass it would get the form re-issued in a friendly and professional manner (instead of being dumped on another page an needing to re-enter all the form info).

Cheers.

Re: User registration

Posted: Tue Jul 22, 2008 5:05 am
by pritam79
Hi there,
The scripts I have for my application are as follow- the user needs to register and then login to the system. I have been able to register and my registration details get into the database. But when I try to login after I register, I get the error message that’s in do_login.php on line no-22. Why is it so? Please help


PDMS_fns.php

Code: Select all

<?php
  // we can include this file in all other files, so that every file will contain all our functions
  require("db_connect.php");
  require("valid_fns.php");  
  require("user_auth_fns.php");
?>
 
do_register.php

Code: Select all

<?php
include "header1.php";
?>  
<div id="content">
<?php  
  //include function files for this application
  require("PDMS_fns.php");  
  // start session which may be needed later
  // start it now because it must go before headers
  session_start();
    // all validatio go here  if ok put in db
    
     $result = mysql_query("insert into users values('', '$username', password('$password'), '$email')");
  $reg_result = register($username, $email, $passwd);
 if($reg_result == "true")
  {
   // register session variable
   $valid_user = $username;
   session_register("valid_user");
   // provide link to members page
   echo "<p><br><br><center>You have been registered as $valid_user -go to <a href='login.php'>login</a> page to start</center></p>";
   }
  else
  {
   // otherwise, provide link back,  tell them to try again
   echo "<p><br><br><center>Registration failed- <a href='register.php'>Retry</a></center></p>";
   exit();
  }
?>
</div>  
<?php
include "footer.php";
?>
 
Do_login.php

Code: Select all

<?php
include "header1.php";
?>
<div id="content">
<?php
 // include function files for this application
 require("PDMS_fns.php");
 session_start();
  if($username && $password)
  // they have just tried logging in
  {
     if(login($username, $password))
      {
       // if they are in the database, register the user id
       $valid_user = $username;
       session_register("valid_user");
      }
      else
      {
       // unsuccessful login
       echo "<br><br><center>You could not be logged in-<a href='login.php'>retry</a></center><br>";
       exit;
      } 
  }
   check_valid_user();
?>
</div>
<?php
include "footer.php";
?>
 
User_auth_fns.php

Code: Select all

<?php
 
// this function checks a user's details against the database
function login($username, $password)
 
// check username and password with database
// if yes, return true else return false
  {
   $conn = db_connect();
   if(!$conn)
   return 0;
   //  check if username is unique
     $result = mysql_query("select * from users where username ='$username' and password  =      password('$password')"); 
  
    if(!$result)
     return 0;
     if(mysql_num_rows($result)>0)
     return 1;
    return 0;
 
  }
 // the below function will be needed to verify if a user has a session already running  
 function check_valid_user()
    {
    // see if somebody is logged in and notify them if not
     global $valid_user;
     if(session_is_registered("valid_user"))
      {
        echo "<br><br><center>Logged in as $valid_user, go to your <a href='home.php'>home</a> page</center><br>";
      }
      else
      {
         // they are not logged in
         echo "You are not logged in- <a href='login.php'>Retry</a><br>";
         exit;
      }      
      }    
  }
?>  
 

Re: User registration

Posted: Tue Jul 22, 2008 7:24 am
by Stryks
Is there any reason why you have ignored my advice to process the form on the same page that displays it?

It's really quite simple.

Also, in order to help you, we'll need to know the EXACT error message and possibly the code for login.php would help also.

8)

Re: User registration

Posted: Tue Jul 22, 2008 7:44 am
by pritam79
Stryks wrote:Is there any reason why you have ignored my advice to process the form on the same page that displays it?
Ya your advice to process the form on the same page was the thing i wanted to do even before posting, but to be very frank i could not make out as to how to combine the codes of both the pages and make a single page alhthough you gave a link to such a script.

Stryks wrote:Also, in order to help you, we'll need to know the EXACT error message and possibly the code for login.php would help also.
This is the login.php page

Code: Select all

<?php
include "header1.php";
?>
<div id="content">
<div id="left" style="left: 0px; top: 0px"><br>
      <ul>
        <li>Username :</li>
        <li>Password :</li>
      </ul>
    </div>
    <div id="right">
    <p style="left: -1px; top: 0px"><font size="4.5px">LOGIN FORM</font></p>
    <form action="do_login.php" method="post">
    <input type="text" size="20" name="username"><br><br>
    <input type="password" size="20" name="password">&nbsp;&nbsp;
    <span style="color: #FF0000"><a href="forgot_form.php">forgot password</a></span><br><br>
    <input type="submit" name="submit" value="Submit">
    <input type="reset" name="reset" value="Reset">
    </form>
    </div>
</div>
<?php
include "footer.php";
?>
 
The error that i get is - You could not be logged in-retry


If this doesnot help, i can provide all the other files also. Also i need to solve my problem as early as possible-please help

Re: User registration

Posted: Tue Jul 22, 2008 8:29 pm
by Stryks
I want to help, I really do ... but it's really a big task. There is much that needs revising.

My first thought in Do_login.php is that you need to move the session_start(); to the top of the page. It should be at the top of every page where you will require sessions and have no HTML output before it. I assume this is what header.php does.

Surest way is to put it right after the opening tags on each page. eg.

Code: Select all

<?php
session_start();
 
// start the rest of the page processing
 
?>
 
Now ... I'm not too sure what the register() function is (called on line 14 of do_register.php) but unless it is calling the database to see if the user was created, then it would seem there is no way of knowing if register has worked or not.

Also in all locations where form content is being processed, you are still relying on REGISTER_GLOBALS being on, where most production servers have it turned off.

Because of this, it is possible that the login function is just getting a null $username and $password. To clarify ... in most situations you need to access form data with $_POST['field_name'] and not $field_name.

So a form with a textbox named 'username', you *should* be using this to retrieve that data ...

Code: Select all

// The form information is stored in $_POST
// So look in $_POST for my form variable
 
echo $_POST['username'];
 
// The following cannot be relied upon to work
echo $username;
 
 


Make these changes and then let us know what you're getting.

Cheers

Re: User registration

Posted: Wed Jul 23, 2008 10:23 am
by pritam79
Hi stryks,
The problem i was having where I was getting an error message in do_login is now solved. The problem was that my registration script was inserting the user password after encrypting it, but when i tried logging in i was given an error message because the password was retrieved in the encrypted form from mysql and compared with the login password which was not encrypted and hence the error message on comparison between the encrypted and decrypted password. I guess i am right because when i remove the encryption stuff and store the passwords in mysql as plain text i donot get any error and everything is fine.

The things that are not solved are 1) The one page registration you had suggested earlier and 2) The passwords stored as plain text, where as i want them to be stored in an encrypted format and later have a method to decrypt it.

Also, i have included a function where the user is emailed his forgotten password. But the function is not working



This is register.php

Code: Select all

<?php
include "header1.php";
?>  
<div id="content">
  <div id="left" style="left: 0px; top: 0px">
    <ul>
      <li>Email address :</li>
      <li>Preferred username :</li>
      <li>Password :</li>
      <li>Confirm password :</li>
    </ul>
   </div>
   <div id="right">
    <p style="left: -1px; top: 0px"><font size="4.5px">REGISTER</font></p>
    <form action="do_register.php" name="register_form">
    <input type="text" size="20" name="email"><br><br>
    <input type="text" size="20" name="username"> (6 to 16 chars)<br><br>
    <input type="password" size="20" name="password"> (6 to 16 chars)<br><br>
    <input type="password" size="20" name="password2"><br><br>
    <input type="submit"  name="Submit" value="submit">
    <input type="reset" name="Reset" value="reset">
    </form>
    </div>
</div>
 
This is do_register.php

Code: Select all

<?php
include "header1.php";
?>  
<div id="content">
<?php  
  //include function files for this application
  require("PDMS_fns.php");
  
  // start session which may be needed later
  // start it now because it must go before headers
  session_start();
 
  if (!valid_email($email))
  {
    print("<script type = 'text/javascript'>alert('Not a valid email address');</script>");
    exit();
  }
  
  // check username length
   if(( strlen($username) < 6 ) || (strlen($username) > 16))
   {
    print("<script language = 'javascript'>alert('Username must be between 6 to 16 characters');</script>");
    exit();
  }
 
  // passwords not same
   if($password != $password2)
   {
    print("<script language = 'javascript'>alert('Passwords donot match');</script>");
    exit();
   }
   
// check password length is ok
// ok if username truncates, but passwords will get munged if they are too long.
 
if (strlen($password) < 6 || strlen($password) > 16)
   {
    print("<script language = 'javascript'>alert('Password must be between 6 to 16 characters');</script>");
    exit();
   }
  
  // attempt to register after all validation is done
function register($username, $email, $password)
    // register new person with db
    // return true or error message
   {
   
    // connect to database
     $conn = db_connect();
     if(!$conn)
       {
         print("<script language = 'javascript'>alert('Could not connect to database server- retry');</script>");
         exit();
        }
 
     // check if username is unique
     $result = mysql_query("select * from users where username='$username'");
       if(!$result)
        {
         print("<script language = 'javascript'>alert('Could not execute query');</script>");
         exit();
        }
       if(mysql_num_rows($result)>0)
        {
         print("<script language = 'javascript'>alert('You are already registered');</script>");
         exit();
        }
    // if ok put in db
     
     $result = mysql_query("insert into users values('', '$username', '$password', '$email')");
     
       if(!$result)
        {
         print("<script language = 'javascript'>alert('Could not register-try again');</script>");  // see pg-337 from pdf tutorial for password() function above
         exit();
        }
    return true;
    }  
 $reg_result = register($username, $email, $password);
 if($reg_result == "true")
  {
   // register session variable
   $valid_user = $username;
   session_register("valid_user");
   
   // provide link to members page
   
   echo "<p><br><br><center>You have been registered as $valid_user -go to <a href='login.php'>login</a> page to start</center></p>";
   
   }
  else
  {
   // otherwise, provide link back,  tell them to try again
   echo "<p><br><br><center>Regiatration failed- <a href='register.php'>Retry</a></center></p>";
   exit();
  }
?>
</div>  
<?php
include "footer.php";
?>
 
This is user_auth_fns

Code: Select all

<?php
 
// this function checks a user's details against the database
function login($username, $password)
 
// check username and password with database
// if yes, return true else return false
  {
   $conn = db_connect();
   if(!$conn)
     return 0;
   // check if username is unique
     $result = mysql_query("select * from users where username ='$username' && password = '$password'");
  
  if(!$result)
     return 0;
    
  if(mysql_num_rows($result)>0)
      return 1;
    else
      return 0;
 
  }
  
    
// the below function will be needed to verify if a user has a session already running  
  
function check_valid_user()
    {
    // see if somebody is logged in and notify them if not
     global $valid_user;
     if(session_is_registered("valid_user"))
      {
        echo "<br><br><center>Logged in as $valid_user, go to your <a href='home.php'>home</a> page</center><br>";
      }
      else
      {
         // they are not logged in
         echo "<br><br><center>You are not logged in- <a href='login.php'>Retry</a></center><br>";
         exit;
      }      
    }
 
 
function change_password($username, $old_password, $new_password)
 // change password for username/old_password to new_password
 // return true or false
  {
    // if old password is right, change password to new_password and return true else return false
    if(login($username, $old_password))
     {
       if(!($conn = db_connect()))
        return false;
       $result = mysql_query("update users set password = '$new_password' where username = '$username'");
       if(!$result)
         return false;  // not changed
       else 
         return true;  //changed successfully
     }
    else return false;  // old password was strong
  }
  
function change_username($username, $old_username, $new_username)
 // change username for username/old_username to new_username
 // return true or false
  {
    // if old username is right, change username to new_username and return true else return false
    if(login($username, $old_password))
     {
       if(!($conn = db_connect()))
        return false;
       $result = mysql_query("update users set username = '$new_username' where username = '$username'");
       if(!$result)
         return false;  // not changed
       else 
         return true;  //changed successfully
     }
    else return false;  // old username was strong
   } 
  
function get_password($username)
    {
    if(!($conn = db_connect()))
       return false;  // not retrived
    else
      {   
       $new_password = mysql_query("select password from users where username = '$username'");
       return $new_password;   // successfully retrieved
      }
     } 
function notify_password($username, $password)
 
  {  
     $conn=db_connect();
     if(!$conn)
       return 0;
     $result = mysql_query("select email from users where username='$username'");
     if(!$result)
       return 0;  // not changed
     else if (mysql_num_rows($result)==0)
       return 0;  // user not in db
     else
      {
        $email = mysql_result($result, 0, "email");
        $from = "From: support@PDMS \r\n";
        $mesg = "Your PDMS password is $password \r\n";
        if (mail($email, "PHPBookmark login information", $mesg, $from))
          return 1;
        else
          return 0;
      }    
  }
?>  
 
Thi is forgot_form.php

Code: Select all

<?php
include "header1.php";
?>
<div id="content">
  <div id="left" style="left: 0px; top: -5px"><br>
      <ul>
        <li>Enter your username : </li>
      </ul>
  </div>
  <div id="right">
    <p style="left: -1px; top: 0px"><font size="4.5px">Recover password</font></p>
    <form method="post" action="forgot_password.php">
    <input type="text" name="username"><br><br>
    <input type="submit" name="get_password" value="Get password">
    </form>
  </div>
</div>  
<?php
include "footer.php";
?>
 
This is forgot_password.php

Code: Select all

<?php
include "header1.php";
?>
<div id="content">
<?php
  require("PDMS_fns.php");
    if($password = get_password($username))
    {
     if(notify_password($username, $password))
         echo "<br><br><center>Your password has been mailed to you.</center><br>";
     else
         echo "<br><br><center>Your password could not be mailed to you-try pressing refresh</center><br>";
    }
    else
      echo "<br><br><center>Your password could not be retrieved-<a href='forgot_form.php'>retry</a></center><br>";
?>
</div>
<?php
include "footer.php";
?>
This is PDMS_fns.php

Code: Select all

<?php
  // we can include this file in all other files, so that every file will contain all our functions
  require("db_connect.php");
  require("valid_fns.php");  
  require("user_auth_fns.php");
?>
This is db_connect.php

Code: Select all

<?php
  function db_connect()
    {
     $result = mysql_pconnect("localhost","root","");
      if(!$result)
         return 0;
      if(!mysql_select_db("PDMS"))
         return 0;
      return $result;      
    }
?>