using phpmyAdmin to create database for login how?

[joseph]

I create a database "login" then create a table "users" in the fields area, I created a "username" and "password"... Now I got this problem, I don't know what to put in these area:
Field Names - Type - Length/values - attributes - Null - Default - Extra - primgary - index - unique - full text ?
username
password

please help... What should I put in type? values? etc... until full text? Thanks. I really need help here..

[.josh]

most people make the username and password columns type varchar.  for the varchar datatype, you must specify a length in the length/values.  the length is how many characters you want it to be (for example, how many letters long do you want the user's name to be, maximum) I usually set this at around 15 for user names, because there really is no reason a user needs a username a mile long, and also if you do give them the ability to make really long user names, that can mess up your formatting when trying to display for instance, a table of usernames and other info.

the password field is usually set to around 32. why? because most people encrypt the passwords with md5() and the resulting 124 bit encryption string is 32 characters long.  You should always have some sort of method of encrypting the password.  So first you need to decide what method you wish to use to encrypt passwords, and then make the length long enough to hold it.  PHP has a built in function called md5() as mentioned.  There is also sha1() which i think is like 160 bit and idk like 40 chars long or something.  you can go to php.net and look in the manual for more info about those functions. Or you can make your own up. Whatever.

Everything else you can leave blank.  However, you probably want to set the username to unique, as you don't want more than one person to have the same username.  Please note though, that you still need to make your php script check for an existing username in your register script. you should not rely on mysql to spit out an error message to the user about his name selection; any error messages a user might come across should be made specifically by you. 

also, don't make the password set to unique. if you do, then a malicious user can spend all day entering in random passwords until your script tells them they can't use it because it's taken. Then all they have to do is go down the public list of users your probably have, and match it up.