-
Posts
439 -
Joined
-
Last visited
Everything posted by I-AM-OBODO
-
Wow! after much playing around. Got it <?php $stmt = $pdo->query("SELECT acct_num FROM table ORDER BY id DESC"); while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { $acct_num = $row['acct_num']; echo "<option> $acct_num </option>"; } ?> Thanks all
-
Hi all. how can i make the values show like a list. I tried html line break "<br>" and php \n but all to no avail. It just show all the values in one straigth line. example of what i want is for the values to appear like this: 1234567890 0987654345 4567890675 instead of : 1234567890 0987654345 4567890675 Thanks <form data-abide method="post" action=""> <div> <select name=""> <option value="name"> <?php $stmt = $pdo->query("SELECT acct_num FROM table order by id desc"); while ( $row = $stmt->fetch(PDO::FETCH_ASSOC) ) { echo $row['acct_num']; } ?> </option> </select> </div> <div> <label>New Password <small>required</small></label> <input type="password" name="password" id="password" required> <small class="error">New password is required and must be a string.</small> </div> <div> <label>Confirm New Password <small>required</small></label> <input type="password" name="password2" id="password2" required> <small class="error">Password must match.</small> </div> <input name="submit" type="submit" class="button small" value="Change Password"> </form>
-
Thanks.
-
I could do this with a while but was thinking It's bad practice that why I need to know. "select password from table where username = username and password = password"; while ($row = $stmt->fetch (PDO::FETCH_ASSOC)) { $hash =$row['password'] ; }
-
I know that the password ought be stored in database and I also know that the verify is used to check if the password is ok. my question is how to retrieve the password and assign the value to $hash. I could do a while query to store result in $hash but I read somewhere that It's bad practice cos that would expose the hashed password thereby given the security a loophole.
-
Hi. I've been trying to understand the concept of password_hash but so far it has eluded me! registration <?php if(isset($_POST['submit'])){ $name = $_POST['name']; $email = $_POST['email']; $password = $_POST['password']; //$pass_hash = PassHash::hash($_POST['password']); $hash = password_hash($password, PASSWORD_BCRYPT); $stmt = $pdo->prepare("INSERT INTO hash_test(name, email, password) VALUES(:name, :email, :password)"); $stmt->execute(array( ':name' => $name, ':email' => $email, ':password' => $hash )); if ($stmt->rowCount() ==1){ echo "Registration Successful"; }else{ echo "There was a problem taking your request"; } } ?> The registration is working fine and all fields are inserted. The problem is when loggin in, its giving me an error : unknown variable which is the $hash. The verify parameter is thus: password_verify($password, $hash) I believe the $password is the users password for login, now how/when/where do assign a value to $hash? since in my db i have email(username) password. Do i need to store the hash separately on the db? Can someone please enlighten me more my login code <?php if(isset($_POST['login'])){ $password = $_POST['password']; $stmt = $pdo->prepare("SELECT email, password FROM hash_test WHERE email=:email AND password=:password"); $stmt->execute(array( ':email' => $_POST['email'], ':password' =>$password )); //if ($stmt->rowCount() ==1){ if (password_verify($password, $hash)) { /* Valid */ echo "Right"; } else { /* Invalid */ echo "wrong"; } //} } ?> THANKS
-
I wonder what's wrong with me. I've seen the problem. Thanks my head was beclouded thank you very much
-
sorry if you dont get me right. i have a table that has a transaction date and expiry date. I want to create another column where i can see the intervals between the order date and expiry date. i want to see them without doing a where clause. example Name Date Paid Expiry Date Date Difference John 2014-11-07 2014-12-01 24 days Doe 2014-11-07 2014-11-10 3 days This is what i did $stmt = $pdo->query("SELECT DATEDIFF(date_paid, next_due) AS diffdate FROM ca_payment"); while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { echo $row['diffdate']; } but its showing the total sum of date difference of all the column which is not what i want
-
Hi all. How can i see all the difference between two dates in a column. I know to see a single date difference we can do: $stmt = $pdo->query("SELECT DATEDIFF(date_paid, next_due) AS diffdate FROM table_name"); while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { echo $row['diffdate']; } but i want all the difference to show in a table along with other details. thanks
-
Thanks all. Been out of town for a while that's the reason i'm reply now. I managed to get it to work. i changed a couple of things and i cannot really pin-point what made it work. I removed all the mysql_real_escape_string and changed the path. Thank you so very much. ps: still studying password_hash so that i can start implement.
-
yes I think pdo is enabled cos I could log in at the admin end and It's using pdo
-
thanks for yours above. the password hashing is same both on logging. I said I could login on my localhost but cant when live.
-
Nope. jus t didn't include it here
-
Oh I forgot to mention that even with path as is, it's logging into the intended area with mysql but when modified to pdo, it doesn't log in
-
Thanks all. I'm in transit. will try them out. I think the problem should be the path. and my password will change to sha1 or maybe after md5 then I sha1 again or what do u think? my admin uses a different login totally from the users.
-
Hi all. I'm really having an awful time. Pls what could be the problem with this cos i can login into my local server but cant login when i go live. thanks <?php if(isset($_POST['login'])){ $username=$_POST['username']; $password=$_POST['password']; $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $pass = md5($password); $stmt = $pdo->prepare("SELECT * FROM confirm WHERE username=:username AND password=:password"); $stmt->execute(array( ':username' =>$username, ':password' => $pass )); if ($stmt->rowCount() ==1){ $_SESSION['username'] = $username; $_SESSION['password'] = $password; header("location: ./account/"); exit(); } else { echo 'Invalid Username or Password'; } } ?>
-
how do I go about implementing it using pdo. guess will need a crash course on pdo
-
I know something is wrong but dunno how to fix it. My intention is to lock user based on ip after 3 unsuccessful attempts. Its incrementing the login count but after 3 attempts, I just can't figure out how to lock the user and reset the value after some time. I'd like a pointer towards the right/best thing to do should my code not be worthy. Thanks and heres my code: <?php $user_ip = $_SERVER['REMOTE_ADDR']; $table_name = "loginattempts"; $query = "SELECT attempts FROM $table_name WHERE user_ip = '$user_ip'"; $result = mysql_query($query) or die("Invalid Login"); while($row = mysql_fetch_array($result)){ $count = $row['attempts']; } if($count == 3){ echo("Your login attempt is completed"); }else{ $insert = "INSERT INTO $table_name WHERE user_ip = '$user_ip'"; $result = mysql_query($insert); $update = "UPDATE $table_name SET attempts = attempts + 1 WHERE user_ip = '$user_ip'"; $result = mysql_query($update); } $update = "UPDATE $table_name SET attempts = 0 WHERE lastlogin - NOW() = '60000'"; $result = mysql_query($update); ?>
-
Thanks all. Sometimes clients just want to have it there way even when you try to discourage them of bad practices. Thanks very much. will keep your advise in mind.
-
Thanks and yes I do.
-
The reason to move to another table is for easy reference. so that I'll create a link that will contain only transaction to come up in 10 days time. that's what the client wants. thanks
-
Hi all. I have an issue and don't know how to go about it. I have a table that contains user orders. I want to move only orders that will be due in 10 days time to another table. How can I achieve that? thanks
-
Hi. how can I control a progress meter/bar to display errors when it failed to reach 100% or on getting to a point? thanks
-
when I try accessing my site, it just wont see it. I guess the .htaccess cant locate the .htpasswd. I also believe my directory structure is the problem but how do I fix it.
-
its not working