joshspringsteen
-
Posts
3 -
Joined
-
Last visited
Never
Posts posted by joshspringsteen
-
-
hi guys
im building a registration and login system for my site...i've read about the md5 but however i put it in my code i cant seem to get it to work...is md5 the best out there, or would something stronger be better...anyway, here is my code --> where do i put in the bit for encrypting the passwords...
===========================
[code]<?php
include("config.php");
// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());
// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());
// Define post fields into simple variables
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$realname = $_POST['realname'];
$location = $_POST['location'];
$usertatts = $_POST['usertatts'];
$usercomments = $_POST['usercomments'];
// Do some error checking on the form posted fields
if((!$username) || (!$password) || (!$email) || (!$realname)){
echo 'You did not submit the following required information! <br />';
if(!$username){
echo "username is a required field. Please enter it below.<br />";
}
if(!$password){
echo "password is a required field. Please enter it below.<br />";
}
if(!$email){
echo "Email Address is a required field. Please enter it below.<br />";
}
if(!$realname){
echo "realname is a required field. Please enter it below.<br />";
}
include 'register.html'; // Show the form again!
exit(); // if the error checking has failed, we'll exit the script!
}
// Let's do some checking
$sql_email_check = mysql_query("SELECT email FROM users
WHERE email='$email'");
$sql_username_check = mysql_query("SELECT username FROM users
WHERE username='$username'");
$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);
if(($email_check > 0) || ($username_check > 0)){
echo "Please fix the following errors: <br />";
if($email_check > 0){
echo "<strong>Your email address has already been used by another member
in our database. Please submit a different Email address!<br />";
unset($email);
}
if($username_check > 0){
echo "The username you have selected has already been used by another member
in our database. Please choose a different Username!<br />";
unset($username);
}
include 'register.html'; // Show the form again!
exit(); // exit the script so that we do not create this account!
} else {
// insert the data
$insert = mysql_query("insert into $table values ('NULL', '".$_POST['username']."', '".$_POST['password']."', '".$_POST['email']."', '".$_POST['realname']."', '".$_POST['location']."', '".$_POST['usertatts']."', '".$_POST['usercomments']."')")
or die("Could not insert data because ".mysql_error());
// print a success message
echo "Your user account has been created!<br>";
echo "Now you can <a href=login.html>log in</a>";
}
?>
[/code]
===========================
thanks guys, marty -
Hi guys,
Just a question. Shortly, I will be setting up a national website with paying members for services rendered. The members will have their own login/password and membership area.
Im trying to decide between PHP and ASP. I know how to program PHP/MySQL so I wanna stick to this. Is this going to be safe enough on the web to avoid hackers etc, or is ASP safer?
Thanks for your help,
Josh.
simple, i know but im new!! password help
in PHP Coding Help
Posted
THanks again!