Jump to content


Photo

Need a "canned" password/logon script


  • Please log in to reply
6 replies to this topic

#1 rscott7706

rscott7706
  • Members
  • PipPipPip
  • Advanced Member
  • 88 posts
  • LocationLakeside CA

Posted 20 May 2006 - 12:44 AM

Hi all, I have a MYSQL database for a an organization, with Name, Company, logon name, password and email.

The organization does not want new user validation, they will assign a logon name and password when someone joins.

What we do need is a script that would allow them, armed with their Name, Company Name and email, to either change their password, or retrieve if forgotton.

This is a little different then most scripts out there that have a whole user validation process up front.

Does any one know of a free or low-cost routine out there?

#2 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 20 May 2006 - 12:54 AM

umm, just look for virtually any login script and remove the register linkie?

Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#3 rscott7706

rscott7706
  • Members
  • PipPipPip
  • Advanced Member
  • 88 posts
  • LocationLakeside CA

Posted 20 May 2006 - 02:30 AM

[!--quoteo(post=375408:date=May 19 2006, 05:54 PM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ May 19 2006, 05:54 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
umm, just look for virtually any login script and remove the register linkie?
[/quote]

I hear you, but I did not explain my main issue - the users of this site are at best computer illiterate.

I would like a script that will "recover' the password, not send an new crytic looking one.
All of the routines I seen so far only allow a "new" password to be sent, I need to recover the original.

I know security is lower in this scenario, but not a hugh issue.


#4 alpine

alpine
  • Members
  • PipPipPip
  • Advanced Member
  • 756 posts
  • LocationNorway

Posted 20 May 2006 - 07:14 AM

okay, i'll help you out on the password bit and you can work with this making your own update info form using the mysql --> UPDATE users set name='$name', company='$company' where id='$id' <-- etc
Come back for spesific help on this when you are working on it.

Work with this to retrieve password (assume the stored password is stored without encryption):
<?php

$show_pass_form = 1;

if(isset($_POST['change']))
{
if(!empty($_POST['cname']) OR !empty($_POST['uname']) OR !empty($_POST['umail']))
{
foreach( $_POST as $key => $value )
{
 ${$key} = htmlspecialchars($value);
}
// change table info to your own
$sql = mysql_query("select password from table_users where email = '$umail' and name = '$uname' and company = '$cname'") or die(mysql_error());

if(mysql_num_rows($sql)<>1)
{
  print "Sorry, no unique user found with your provided information <br />";
}
else
{
$row = mysql_fetch_array($sql);
$pass = $row["password"]; // col name in db storing the password

  print "Your password is: $pass <br />";
// or preferred is to email it, remove the line above this printing out the password
$send_it = mail($umail,"Your password","Your password is: $pass","From: Secret site <info@site.net>");
if($send_it)
{
  print "Your password is sendt to $umail";
}
else
{
  print "Password was NOT sendt as the email procedure failed...";
}

// now we dont need to show the form again
$show_pass_form = 0;
}
}
else
{
  print "All fields needs to be filled in... <br />";
}
}

if($show_pass_form == 1)
{
echo <<<__HTML_END

<form action="this.php" method="post">

Company:<br />
<input type="text" name="cname" size="25" value="" />
<br />
Logon Name:<br />
<input type="text" name="uname" size="25" value="" />
<br />
Email:<br />
<input type="text" name="umail" size="25" value="" />
<br />
<br />
<input type="submit" name="forgot" value="Retrieve my password" />

</form>

__HTML_END;
}
?>


#5 rscott7706

rscott7706
  • Members
  • PipPipPip
  • Advanced Member
  • 88 posts
  • LocationLakeside CA

Posted 20 May 2006 - 01:28 PM

[!--quoteo(post=375408:date=May 19 2006, 05:54 PM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ May 19 2006, 05:54 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
umm, just look for virtually any login script and remove the register linkie?
[/quote]

I hear you, but I did not explain my main issue - the users of this site are at best computer illiterate.

I would like a script that will "recover' the password, not send an new crytic looking one.
All of the routines I seen so far only allow a "new" password to be sent, I need to recover the original.

I know security is lower in this scenario, but not a hugh issue.


Thanks alpine, I sure appreciate the help.

I can't get to it this morning, but will start working on it later today.

Please indulge me a little, I am still so new to this - and maybe a little dull in the cranium...

It looks like you have the users form and the php action script together here. Maybe I am way off, but on the bottom I see the form actions as "this.php" - wouldn't that be the code above saved as a separate file?

Or am I still not understanding all this? Gads - hate being a novice. I know just like everything else I will start picking this up, but PHP has been a slower curve for me.



#6 alpine

alpine
  • Members
  • PipPipPip
  • Advanced Member
  • 756 posts
  • LocationNorway

Posted 20 May 2006 - 02:19 PM

just rename the form action to the same name as you choose on that file, example getpass.php - nothing is to be splitted up. Remember to correct the table and col names, + ofcourse you will need to include a connection to your mysql db.

#7 rscott7706

rscott7706
  • Members
  • PipPipPip
  • Advanced Member
  • 88 posts
  • LocationLakeside CA

Posted 20 May 2006 - 03:13 PM

[!--quoteo(post=375499:date=May 20 2006, 07:19 AM:name=alpine)--][div class=\'quotetop\']QUOTE(alpine @ May 20 2006, 07:19 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
just rename the form action to the same name as you choose on that file, example getpass.php - nothing is to be splitted up. Remember to correct the table and col names, + ofcourse you will need to include a connection to your mysql db.
[/quote]


Cool!! Thanks alpine!!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users