Jump to content


Photo

Authentication by SSN. Simple? hopefully?


  • Please log in to reply
5 replies to this topic

#1 Moron

Moron
  • Members
  • PipPipPip
  • Advanced Member
  • 368 posts

Posted 31 August 2006 - 01:52 PM

Okay, I want two fields on the opening page of my Leave Management form: Employee Number and Password. Password will be their Social Security Number. Therefore, the SSN they enter as password must match the Employee Number. Both are in the same database table.

Is there a simple way to do this?

I seriously don't need any encryption or anything fancy like that or any dealings with an htaccess file or whatever. This field must match that one. That's all.



#2 harleydude

harleydude
  • Members
  • PipPip
  • Member
  • 10 posts

Posted 31 August 2006 - 01:56 PM

sure, just be sure that the ssn field in the database is a character field or else passwords like '012345678' will come out as '12345678'.

A simple validation sql will do the trick: select uid from users where uid = loginid and pw = loginpw

If recordcount == 1 then they are good to go!!
Success = 1% inspiration + 99% persperation!
Support PHP Freaks! TODAY!

#3 Moron

Moron
  • Members
  • PipPipPip
  • Advanced Member
  • 368 posts

Posted 31 August 2006 - 02:15 PM

sure, just be sure that the ssn field in the database is a character field or else passwords like '012345678' will come out as '12345678'.

A simple validation sql will do the trick: select uid from users where uid = loginid and pw = loginpw

If recordcount == 1 then they are good to go!!


The first part is already in place. They enter their employee number and the records pull from there.

So just to be clear..... I adapt the query by adding a condition that (employee number recordcount == 1 AND password (SSN) recordcount == 1)  ?? Is that right?



#4 Moron

Moron
  • Members
  • PipPipPip
  • Advanced Member
  • 368 posts

Posted 31 August 2006 - 03:40 PM

Update: It now works somewhat.    ::)

If I enter my employee number and correct SSN, it works like a charm. If I enter the wrong SSN, it gives me the intended page with this near the top:

Warning: mssql_data_seek() [function.mssql-data-seek]: Bad row offset in E:\User\Inetpub\wwwroot\PHPLeaveTime\leaveprocess.php on line 476


What I want it to do in case of a mismatch is not give a database error, but instead come back and say "Invalid password" or whatever.

Ideas?



#5 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 31 August 2006 - 03:58 PM

post your sql statement as it is now please.

Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#6 Moron

Moron
  • Members
  • PipPipPip
  • Advanced Member
  • 368 posts

Posted 31 August 2006 - 06:56 PM

post your sql statement as it is now please.


I can do that, but the query does exactly what I want. The only thing is, I want to stop the user and give a warning if the SSN and employee number don't match.

EDIT: If you think it might help, here you go:

$RESULTDS=mssql_query("SELECT DISTINCT LH.[Employee Number], LH.[Lmo], LH.[Lda], LH.[LYR], LH.[Hours], LH.[Leave Code], M2.[HRYRAT], M2.[EMPNO], M2.[MANLAP], M2.[MANLAC], M2.[MANLTC], M2.[MSKLAB], M2.[MSKLTC], M2.[MSKLAB], M2.[MSKLTC], M2.[NAMEMI], M2.[NAMEL], M2.[NAMEF] FROM LEAVHST LH INNER JOIN MASTERL2 M2 ON LH.[Employee Number]=M2.EMPNO WHERE M2.[EMPNO] = '".$_POST['employeenumber']."' and 
M2.[MSSNO] = '".$_POST['password']."' and (LH.[LYR] = '$last' AND LH.[Lmo] >= '07') OR (LH.[LYR] = '$last' + 1  AND LH.[Lmo] < '07')  ORDER BY LH.[LYR] desc, LH.[Lmo] desc, LH.[Lda] desc");
$RESULT=mssql_fetch_assoc($RESULTDS);

Thanks!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users