Jump to content

averagecoder

New Members
  • Content Count

    4
  • Joined

  • Last visited

Community Reputation

0 Neutral

About averagecoder

  • Rank
    Newbie
  1. I'm starting with an empty database. I want to provide 10 users credentials to a web front end. I'm going to create tables. I want the users to have access to the new tables I create. They probably should not have access to the system tables. I don't want anonymous people on the internet to be able to access the database through this web page. Please let me know if you need more details on the requirements.
  2. I have PHP, Apache and Postgres all running on one CentOS 7 server. I want a web front end that requests a username and password. If authentication works, I want the application (web front end) to allow the user to retrieve database records. How do I create a PHP web page that performs authentication (and tests if the credentials that were entered valid or not)?
  3. I want to know which users modified the database tables. I have a website that allows users to log in from anywhere in the world. I cannot let anyone access the database and delete records. How do I make sure reporting is turned all the way up? Which logs do I look in?
  4. I have Apache, PHP, and Postgres all installed on one CentOS 7.3. I have a .PHP script that does not use interactive user input that successfully connects to the Postgres database. So I know PHP and Postgres work. I now want to create new .PHP files for front end web development. I want a web page that accepts user input then uses that input as credentials to log into the database. I am trying to get the PHP page to take the credentials to then authenticate to a Postgres database. I use this PHP script (called a.php) to request the credentials from the front end: <!DOCTYPE HTML> <html> <body> <form action="welcome.php" method="post"> Name: <input type="text" name="name"><br> E-mail: <input type="text" name="email"><br> <input type="submit"> </form> <!DOCTYPE HTML> <html> <body> I use this PHP script named welcome.php (it was based on a TutorialsPoint example so "email" will be the password in this code): echo "Favorite name is " . $_POST["name"] . ".<br>"; echo "Favorite email is " . $_POST["email"] . "."; $host = "host=poda"; $port = "port=5432"; $dbname = "dbname=foobar"; $credentials = "user=" . $_POST["name"] . " password=" . $_POST["email"]; echo " "; echo $credentials; //I am certain the correct credentials are being used. echo " "; $db = pg_connect( "$host $port $dbname $credentials" ); if(!$db){ echo "Error : Unable to open database\n"; } else { echo "Opened database successfully\n"; } $sql =<<<EOF CREATE TABLE COMPANY (ID INT PRIMARY KEY NOT NULL, NAME TEXT NOT NULL, AGE INT NOT NULL, ADDRESS CHAR(50), SALARY REAL); EOF; $ret = pg_query($db, $sql); if(!$ret){ echo pg_last_error($db); } else { echo "Table created successfully\n"; } pg_close($db); echo $name ?> I have now posted the first PHP file (a.php) and the subsequent welcome.php file. Therefore my code is all on this post that I want to get to work. The credentials I input into the web page work when I use those credentials hard-coded into this PHP script.Here is the standalone script that does not accept user input; it works on the back end from a Linux prompt with "php standalone.php": <?php $host = "host=poda"; $port = "port=5432"; $dbname = "dbname=foobar"; $credentials = "user=jdoe password=jdoe@so.com"; $db = pg_connect( "$host $port $dbname $credentials" ); if(!$db){ echo "Error : Unable to open database\n"; } else { echo "Opened database successfully\n"; } $sql =<<<EOF CREATE TABLE COMPANY (ID INT PRIMARY KEY NOT NULL, NAME TEXT NOT NULL, AGE INT NOT NULL, ADDRESS CHAR(50), SALARY REAL); EOF; $ret = pg_query($db, $sql); if(!$ret){ echo pg_last_error($db); } else { echo "Table created successfully\n"; } pg_close($db); ?> (Whenever I run the script above, I subsequently drop the table that it created.) Ports 80 and 5432 are open on the CentOS server between the Windows computer with a web browser. I tested the port and the IP address. I created a firewall rule to block it. Then I unblocked it. I can say that the relevant ports are open between the web browser and the CentOS server that runs Apache, PHP, and Postgres. When I open a web browser on a Windows computer and go to the PHP page, I enter the correct credentials into the PHP page. I see this error after I click submit What can I do to have the "welcome page" show a successful authentication to the Postgres database? The credentials are known to work.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.