chunkymonkey11

Thanks ChristianF. "Life is 1% fun, and 99% learning how to have fun"

I guess I have no other option. Studying the concept it is :'( ... Thanks all for the help (even though we never reached my second question)

ChristianF thanks for the article it helped a lot (even tho it was a bit too advance for me). To be fully honest with you the coding stuff flew right over me, but the purpose behind the article was something I could understand. Now I am not a mathematical genius, so the likely hood of me making an algorithm for securing the passwords are slim. So I started to play around with the concepts of the article and other sources to develop this code (please keep in mind that I am still new at PHP so this script most likely is laden with problems, and reading an article will not make me an expert ) : <?php function enc($string) { $salt = "@x2p"; $hash = shal(md5($salt.$string)).md5($string).shal(md5(md5($string))); return $hash; } echo md5("$dbpassword"); echo "<br />"; echo enc("$dbpassword"); ?> It seems like nobody has answered the profile.php question as well as my second main question. So any answers would be great!

Hey MMDE thanks for being involved. So for clarification I don't have to install Salt or anything, right? So instead of this: $query = mysql_query("SELECT * FROM member WHERE username='$username'"); $numrows = mysql_num_rows($query); I should put this $query = mysql_query("SELECT * FROM member WHERE username='$username'"); if(mysql_num_rows($result)==1){ // logged in } and since you are in this topic, any clue how to make a profile.php like ialsoagree said? And if ANYONE knows how to tackle the second question their help would be great

I think I know where you are coming from, so your saying (please correct me if I'm wrong): The login script will fail because the script does not account for the encrypted passwords that are stored in the database? So lets say I tell my registration script to encrypt the passwords in MD5. Would I do something like this? $dbusername = $row['username']; $dbpassword = $row['username']; } if ($username==$dbusername&&$password==$enc_password) Because if I were using MD5 in my registration script I would put $enc_password = md5($password Now for the profile.php. How would you write the code for this file? I know you are big on data safety so how would you write this file so that nobody can just put the specific url and have access the the users specific page? Also, do you have any idea's on how to approach the second question?

I appreciated the response,and concern, but this is not a registration script, my registration script tells my users database to store their passwords and email in a MD6 algorithm, and then stores it in a configuration file (which only the database can un-encrypt). This login script does not store data to my database (except maybe for last sign in date) only verifies the users existence. The registration page checks for existing individuals with the same username, so no more than one individual can have that same username. My issue was regarding the the direction all users are sent when they are verified. They will be sent to (as the code says) "Click here to enter members area". I don't want that. I want to be able to assign each user their own page (i guess much how each Facebook user has their own profile page), and I want to store that link in the id section of the database. The more I am thinking about it, the more I believe this has to do with my registration script. How would I (in PHP language) assign each user their own page using the id field in my database, and how would I tell my login script to direct the user to their specific page. Also, if somebody can please help me tackle the second question that would be great

Hey guys! It seems like the only thing I do on this forum is ask for help, but yet again Steve Jobs said that the only way one can be successful is to ask for help I will be as detailed as possible for you guys, but if you need more just let me know So, I need two question to be solved I have a XAMPP server with a database called members with the following field: id, businessname, username, password, sign_up_date, email, taxnumber, account_permissions, email_activation I am going to create a new database table called: Registered with the following fields: picture,discription,location,keywords,latest news so I created a login and register script and they work fine, but the unforutnate part is that all registered users that login end up on the same dang webpage. I am trying to allow each user to login to their own profile page, but use a unviersial template. Luckly, I was smart enough to create a id field in the member table, but dumb enough not really know what to do with it. Each new user will be assigned a new id starting with 01 and going up. Can I uses that to allow each user to create their own profile, and when they login the php script directs them to that user id? Below is the script: <?php session_start(); $username = $_POST['username']; $password = $_POST['password']; if($username&&$password) { $connect = mysql_connect("127.0.0.1","root","") or die ("Couldnt connect to database"); mysql_select_db("test_database") or die ("Couldnt find database"); $query = mysql_query("SELECT * FROM member WHERE username='$username'"); $numrows = mysql_num_rows($query); if($numrows !=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['username']; } if ($username==$dbusername&&$password==$dbpassword) { echo "Login successful. <a href=''>Click here to enter members area</a"; $_SESSION['username']=$dbusername; } else echo "Incorrect password"; } else die ("That username doesnt exist"); } else die ("Please enter a username and password"); ?> Now to my second question. Once each user has their own profile (thanks to your help ), I want to create a database search engine that one (a non-registred) user can use to search through all the users profiles and then list the searches by most relavent keyword hits and by location. So for example, if they searched cars the engine would go through all the registered users data in the Registered table and then list by relevance using two fields in that database:location, and keywords. The non-registred user types in the desired keywords in one search box and location in another and then the engine lists the searches in a diffrent page by most hits down to some what relevant. To be honest with you this one is WAY out of my knowledge league, so it would be great if you could walk me through it.Since you know my whole database architecture giving some step by steps would be awesome. I really appricate your guys help in helping me create this project. I was helping my Uncle creata a website for his conslting company but i guess my mind got a lot more curious.

jesirose & krash11554 you guys ROCK!! I spent soo much time trying to fix this issue that I thought of just giving up!!! Thanks for the help! This case is solved

I am sorry guys, but I am honestly confused about what's wrong (newbie at it's finest). I put the = by the value, but I lost you guys at naming the submit button. How would you do that? Also thanks again for responding and helping me, the other forums I went to only gave me one answer: "give up".

Hey krash11554, thanks for replying. When I put the } above else } } else echo "All fields are required"; and reload the page; the page says All fields are required when I have not clicked Create Account (I want that message to appear if somebody has not filled out the required fields and clicked Create Account), also for some reason when I put two passwords that are not the same it should say: Passwords must match Also I have been looking at some PHP books and there seems to be PHP tags in the html like: <form action="register.php" method="POST"> Business Name: <input type="text" name="businessname" value="<?php echo "$businessname"; ?>"> <p> Username: <input type="text" name="username" value"<?php echo "$username"; ?>"> Any help on identifying the issues on this script would be appreciated

Hey Guys! I have ran into a problem that is above my level of PHP knowledge. I have been working on a registration script. My database is XAMPP and my table name is member. The fields inside member are as follow: id, businessname, username, password, sign_up_date, email, taxnumber, account_permissions, email_activation (I am working on helping my Uncle create a website for his consulting company, and he said he needs these fields) Anyways, I went on to create this php file (code below) called register.php it has html in it and I saved the file in htdocs. When I saved it, I went on to test it, and for some strange reason when I put nothing in the fields is should say: All fields are required, but for some strange reason when I click Create Account nothing happens. Just seems like it takes a second to refresh and that's it. It does not even tell me: All fields are required. Any help would be appreciated, and I'm a newbie so an explanation would also be great. <?php error_reporting(0); if($_POST['submit']) { $businessname= $_POST['businessname']; $username = $_POST['username']; $password = $_POST['password']; $password1 = $_POST['password1']; $email = $_POST['email']; $taxnumber = $_POST['taxnumber']; $enc_password = md5($password); if($businessname && $username && $password && $password1 && $email && $taxnumber) { if(strlen($businessname)>40) { echo "Your Business Name is too long"; } if(strlen($username)>15) { echo "Your username is too long"; } else { if(strlen($password)>15 || strlen($password)<6) { echo "Your password must be between 6 and 15 characters"; } if($password == $password1) { $connect = mysql_connect("127.0.0.1","root","") or die ("Couldnt connect to database"); mysql_select_db("test_database") or die ("Couldnt find database"); $query = mysql_query ("INSERT INTO member VALUES ('','$businessname','$usersname','$enc_password','$email','taxnumber')"); die("Registration Complete! <a href='index.html'>Click here to login</a>"); } else { echo "Passwords must match"; } } } else echo "All fields are required"; } ?> <style type="text/css"> #apDiv1 { position:absolute; left:739px; top:79px; width:313px; height:325px; z-index:1; } </style> <div id="apDiv1"> <form action="register.php" method="POST"> Business Name: <input type="text" name="businessname" value=""> <p> Username: <input type="text" name="username" value""> <p> Password: <input type="password" name="password"> <p> Re-Enter Password: <input type="password1" name="password1"> <p> Email: <input type"text" name="email"> <p> Federal Tax ID: <input type="text" name="taxnumber" value=""> <p> <input type="submit" value="Create Account"> <p> </form> </div>

Sorry for the mistake ChristianF. Thanks for all the help, I think this case is closed I'm off to the Editors thread

That would make sense, I guess I will try that out. Now regarding the color coding: I think there might be something wrong with my Dreamweaver since I saved the file as a PHP file and I go into the files code environment so I guess it could be the preferences that causes it. One last thing that I have a question about is on my desktop my html files looks like explorer (because explorer opens it) but my PHP file looks like a text document. It opens with Dreamweaver though. Could that have something to do with why instead of executing the PHP script it thinks its a text file and asks me to save or open it, or it that how its supposed to be and keeping it in the htdocs should causes that to not happen? Also towards ChristianF: Since you recommend a WYSIWYG editor, any you would recommend? Thanks again guys!

I see what ChristianF is saying (and I will most likely have to end up doing that), but I am still confused on why Dreamweaver does not color coordinate the PHP code (tried to call Adobe but the hold time was 1.5+ hours); when I first got my Dreamweaver it would color coordinate PHP like everybody else, but now it does not. Another question that pops up in my mind is what is the color coordination for (is it commands that need to be color oriented for the server to understand)? Example: tags: red, echo: green, ect Porl123: No, I was considering do that, but I was a bit confused: htdocs are for both php and html, or do I put html in htdocs, and PHP in another XAMPP root folder? I appreciate the quick responses from you guys! You guys sure beat Adobe by a lot!

Hi guys, I am new to using PHP and HTML and any help would be appreciated. I am trying to make a website for my business, and I bought Dreamweaver and Installed XAMPP on my Win 7 computer. The HTML design was simple to make, but when I tried making a login system I was told to create a PHP script. I went online I found some great videos on how to script PHP in Dreamweaver. The first problem I encounter is when I start typing PHP inside Dreamweaver; the starting (<?php) don't turn red, the whole script stays normal text black. My HTML and PHP login files are not saved in my XAMPP htdocs, they are saved in a folder on my desktop. When I finished my PHP script (still in normal text color) and click on the html file to test it out, my html does not execute the login that my PHP script tells it to do. When I type in username and password then click submit (in my html file), a dialog box opens telling me to save or open the php login file. I tried to give you as much information as possible, and any help would be great! I thought starting a business was the hard part, but I was mistaken.