Search the Community

I think the title is very clear but i have a site that has 2 user databases, one for web mail (Round cube) and one for a directory of content that the user has to be authenticated for. I was wondering if i should throw the password in $_SESSION and authenticate web mail if the user is logged in? Obviously i should not send that password back to the client if it be encrypted or not but i would inject the username and password into the web mail authentication handler as if the user had already filled in the form. Due to certain circumstances i am unable to merge the user databases. If there are any other possibilities do recommend them instead.

Hello I am trying to create a password storing application, but cannot figure out the best way to store account passwords. The application wont store just user passwords to login, but passwords for other accounts. For example Client wants to be able to store all their Facebook and twitter passwords on the site, then log in when they want to find it. I was going to make it so the admin needed repeat their password they used to login to the application to retrieve another password, all of this is no problem, its just encrypting the passwords and being able to "un-encrypt" it later so they can see it. Any help would be appreciated, the person doesn't really care if its secure, they just want me to store the strings in the Database to be retrieved later, but I want to make it secure. Thank you

Hi guys I would like to get whole content of html file after I submitted a password. The problem is that the my code doesn't access the value for the file. I tried to create a session but i doesn't work. What other option do I have to get the content of the html file? session_start(); $selected_file = $_POST['radio1']; // get the filename of the file $fileinfo = pathinfo($selected_file); $filename = $fileinfo['dirname'] . DIRECTORY_SEPARATOR . $fileinfo['filename']; $password = 'code'; $lines = file("$filename.html"); $_SESSION['selectedfile'] = $selected_file; $_SESSION['file'] = $filename; $_SESSION['Scipt'] = ("$filename.html"); $_SESSION['Scipttext'] = $lines; $_SESSION['file2'] = $fileinfo; if (isset($_POST['submitradio'])) { echo '<div class="imageselected">'; echo '<img src="'.$_SESSION['selectedfile'].'" /></br>'.PHP_EOL; echo '</div>'; // check to see if a html file named the same also exists if(file_exists($_SESSION['Scipt'])) { echo "<form action='test_result.php' method='post'>"; echo '<div class="Password">'; echo 'Type in password to view full Script'; echo "<label><div class=\"Input\"><input type='password' name='passIT' value='passit'/></div>"; echo "<input type='submit' name='submitPasswordIT' value='Submit Password'/></div>"; echo '</div>'; echo "$filename.html shares the same name as $selected_file"; for($x = 1;$x<=15;$x++) { header( "Content-Type: file/html" ); $lines = ($_SESSION['Scipttext']); $new = strip_tags($lines); echo $lines[rand(0, count($lines)-1)]."<br>"; } // end of forloop } // end of check // start Sorrytext else { echo '<div class="NoScript">'; echo "Nothing available at the moment."; echo '</div>'; } // end Sorrytext } // End of submitradio if($_POST['submitPasswordIT']){ if ($_POST['passIT']== $password ){ echo "You entered correct password"; readfile($_SESSION['Scipt']); } else{ echo "You entered wrong password"; } } echo '</form>'; I would be grateful for help.

I have a basic username/password form that uses AJAX to login: Submit the two values in an AJAX request If the values are correct, sets session variable for the user and returns success Client receives success and redirects to the start page. All of this is basic stuff, works fine. But now some customers say they want the form to remember passwords. I've done some basic work: Added FORM tags around these input fields. Returns false Gave the input fields NAME attributes This seems to make Firefox prompt to remember the password. But I'm having no luck with Chrome, IE, or Safari. I've googled extensively and there are basically two or three solutions, but I can't get anything to work on these other browsers. It's getting to be quite frustrating. I'm thinking of abandoning this AJAX form and just going to crappy old POST. What are you using for AJAX login pages? Are passwords remembered by the browser? How are you doing it?

Hey , i have a problem in encrypting a password in mysql in the register form if anyone registered make their password encrypt in mysql database but when i want to login i must used the encrypting password ,, is there's a way to use that password i entered in register form for e.g ( 1234 ) not the encrypted password

I am trying to create a forget password option. For some reason, it's not working. Please check the code below to see what is wrong with it. if(isset($_POST['submit'])) { if(!empty($_POST['email'])) { $email = escape($_POST['email']); $getData = DB::getInstance()->query("SELECT * FROM users WHERE email = {$email}"); if($getData->count()) { foreach($getData->results() as $row) { $username = escape($row->username); $full_name = escape($row->full_name); $password = escape($row->password); $db_email = escape($row->email); } } else { echo 'No data returned!'; } if($email == $db_email) { $new_password = substr(md5(rand(999, 999999)), 0, ; $to = $db_email; $subject = "Password Reset"; $body = "Hello " . $full_name . ",\n\nYour new password is: " . $new_password . "\n\n-Favecave"; $updatePass = DB::getInstance()->query("UPDATE users SET password = {$new_password} WHERE email= {$email}"); mail($to,$subject,$body); } else { echo 'Email not found'; } } else { echo 'Please enter field'; } } ?> <form action="" method="post"> <span>Enter your email address:<span><br> <input type="email" name="email" size="40"><br> <input type="submit" value="Recover"> </form>

Hello! I am very new to coding, and need some help in getting javascript to verify whether a password has upper- and lowercase letters, and a number. I've already written a part where it checks if the password matches the second time you write it, but for the life of me I can't get the other shit to work. Here is what I have in the scripting department so far: { var password1 = document.getElementById('password1'); var password2 = document.getElementById('password2'); var message = document.getElementById('confirmMessage'); var goodColor = "#66cc66"; var badColor = "#ff6666"; if(password1.value == password2.value){ password2.style.backgroundColor = goodColor; message.style.color = goodColor; message.innerHTML = "Passwords Match!" }else{ password2.style.backgroundColor = badColor; message.style.color = badColor; message.innerHTML = "Passwords Do Not Match!" }

Hey, nooby here I am looking for a PHP solution for password protect pages. I have successfully implemented this code which check a user name and password to grant access. The problem is that each user needs a different (password protected) page. What I would like to do is take it a step further and have each user directed to a specific page. visitor1 => www.mysite.com/visitor1.com visitor2 => www.mysite.com/visitor2.com Since I am not going to have anymore than three users I don't want the complication of a database and keep everything PHP. Any idea please? Cheers, This is the login page: <?php $LOGIN_INFORMATION = array( 'visitor1' => 'password1', 'visitor2' => 'password2' ); define('USE_USERNAME', true); define('LOGOUT_URL', 'http://www.mysite.com/logout.php'); define('TIMEOUT_MINUTES', 0); define('TIMEOUT_CHECK_ACTIVITY', true); if(isset($_GET['help'])) { die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>'); } $timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60); if(isset($_GET['logout'])) { setcookie("verify", '', $timeout, '/'); // clear password; header('Location: ' . LOGOUT_URL); exit(); } if(!function_exists('showLoginPasswordProtect')) { function showLoginPasswordProtect($error_msg) { ?> <!DOCTYPE HTML> <html> <head> </head> <body class="loading"> <div style="width:500px; margin-left:auto; margin-right:auto; text-align:center"> <form method="post"> <p>Please enter password</p><br /> <font color="red"><?php echo $error_msg; ?></font><br /> <?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?> <input type="password" name="access_password" /><p></p><input type="submit" name="Submit" value="Submit" /> </form> </div> </body> </html> <?php die(); } } if (isset($_POST['access_password'])) { $login = isset($_POST['access_login']) ? $_POST['access_login'] : ''; $pass = $_POST['access_password']; if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION) || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) ) { showLoginPasswordProtect("Incorrect password."); } else { setcookie("verify", md5($login.'%'.$pass), $timeout, '/'); unset($_POST['access_login']); unset($_POST['access_password']); unset($_POST['Submit']); } } else { if (!isset($_COOKIE['verify'])) { showLoginPasswordProtect(""); } $found = false; foreach($LOGIN_INFORMATION as $key=>$val) { $lp = (USE_USERNAME ? $key : '') .'%'.$val; if ($_COOKIE['verify'] == md5($lp)) { $found = true; // prolong timeout if (TIMEOUT_CHECK_ACTIVITY) { setcookie("verify", md5($lp), $timeout, '/'); } break; } } if (!$found) { showLoginPasswordProtect(""); } } ?> And here is the code I used at the top of each protected page: <?php include("/home/user/public_html/clients/login.php"); ?>[/code]

I am using this https://github.com/ircmaxell/password_compat I have no problem using it on a local server. But as soon as I test it on a live server, it gives me an error like this. Parse error: syntax error, unexpected '{' in /home/public_html/sub/snippets/password.php on line 19 The error is on the same line as the beginning of the code in that library. Why is this happening?

i want seperate error messages for username and password ..but in below code i am not getting ..can anybody check this and make changes ...thanks <html> <head> </head> <body> <form action='login.php' method='post'> User name:<input type='text' name='name'/> Password:<input type='password' name='pwd'/> <input type='submit' name='submit' value='Submit'/> </form> <?php session_start(); if(isset($_POST['submit'])) { mysql_connect('localhost','root','saibaba92@'); mysql_select_db('new'); $name=$_POST['name']; $pwd=$_POST['pwd']; if($name != '' && $pwd != '') { $query=mysql_query("select * from login1 where Name='$name' AND password='$pwd'"); $sql=mysql_fetch_array($query); if(($sql['Name']==$name)&&($sql['password']==$pwd)) { $_SESSION['name']=$name; header("Location:welcome.php"); } else if(($sql['password']==$pwd)&&($sql['Name']!=$name)) { echo 'username is incorrect'; } else{ echo 'password is incorrect'; } } else { echo'Enter both username and password'; } } ?> </body> </html>

Unfortunately my ideas out pace my skills. I have a database that I would like certain people to access their own info, but nobody else's. It's not super sensitive info and won't mean much to anyone other than the end user but we don't like the idea of others accessing it so we'd like to put some protection on it. What I was hoping for is a dropdown list (there's about 30 or so clients that would be in a mysql table) where they can pick out their name, then text box for the password. When they hit submit button it would lead them to their own page with a table and their own info from a mysql table. I can get each one of these details to work separately, but I'm having trouble putting them all together (the password is where things get muddled). Can anyone point me to a place where they've already figured this out? Thanks!

I have an old website with users and password (not hashed) and want to import them into mysql, then run a script to create a new user_password_hash and update the database: what I tried is something like this: require 'application/config/config.php'; #Define Connection String Using PDO. $dbh = new PDO('mysql:host='.DB_HOST.';dbname='.DB_NAME.';charset=utf8',DB_USER,DB_PASS); $sth = $dbh->prepare("SELECT user_id, password, user_password_hash FROM users"); $sth->execute(); $result = $sth->fetchAll(); foreach($result as $key => $value) { $query = "UPDATE users SET user_password_hash = password_hash('result.password', PASSWORD_DEFAULT) WHERE user_id = 'result.user_id'"; } echo 'Done'; but not working tried it a few different ways but unsuccessfully frustrating, new to php, used cfm in the past, trying to get my php feet wet !!! any suggestions are appreciated !!!