Jump to content

Authentication by SSN. Simple? hopefully?


Moron

Recommended Posts

Okay, I want two fields on the opening page of my Leave Management form: Employee Number and Password. Password will be their Social Security Number. Therefore, the SSN they enter as password must match the Employee Number. Both are in the same database table.

Is there a simple way to do this?

I seriously don't need any encryption or anything fancy like that or any dealings with an htaccess file or whatever. This field must match that one. That's all.

Link to comment
Share on other sites

sure, just be sure that the ssn field in the database is a character field or else passwords like '012345678' will come out as '12345678'.

A simple validation sql will do the trick: select uid from users where uid = loginid and pw = loginpw

If recordcount == 1 then they are good to go!!
Link to comment
Share on other sites

[quote author=harleydude link=topic=106380.msg425366#msg425366 date=1157032602]
sure, just be sure that the ssn field in the database is a character field or else passwords like '012345678' will come out as '12345678'.

A simple validation sql will do the trick: select uid from users where uid = loginid and pw = loginpw

If recordcount == 1 then they are good to go!!
[/quote]

The first part is already in place. They enter their employee number and the records pull from there.

So just to be clear..... I adapt the query by adding a condition that (employee number recordcount == 1 AND password (SSN) recordcount == 1)  ?? Is that right?

Link to comment
Share on other sites

Update: It now works [b]somewhat.[/b]    ::)

If I enter my employee number and correct SSN, it works like a charm. If I enter the wrong SSN, it gives me the intended page with this near the top:

[quote][b]Warning:[/b] mssql_data_seek() [function.mssql-data-seek]: Bad row offset in [b]E:\User\Inetpub\wwwroot\PHPLeaveTime\leaveprocess.php[/b] on line [b]476[/b]
[/quote]

What I want it to do in case of a mismatch is not give a database error, but instead come back and say "Invalid password" or whatever.

Ideas?

Link to comment
Share on other sites

[quote author=redarrow link=topic=106380.msg425443#msg425443 date=1157039881]
post your sql statement as it is now please.

[/quote]

I can do that, but the query does exactly what I want. The only thing is, I want to stop the user and give a warning if the SSN and employee number don't match.

EDIT: If you think it might help, here you go:

[code]$RESULTDS=mssql_query("SELECT DISTINCT LH.[Employee Number], LH.[Lmo], LH.[Lda], LH.[LYR], LH.[Hours], LH.[Leave Code], M2.[HRYRAT], M2.[EMPNO], M2.[MANLAP], M2.[MANLAC], M2.[MANLTC], M2.[MSKLAB], M2.[MSKLTC], M2.[MSKLAB], M2.[MSKLTC], M2.[NAMEMI], M2.[NAMEL], M2.[NAMEF] FROM LEAVHST LH INNER JOIN MASTERL2 M2 ON LH.[Employee Number]=M2.EMPNO WHERE M2.[EMPNO] = '".$_POST['employeenumber']."' and
M2.[MSSNO] = '".$_POST['password']."' and (LH.[LYR] = '$last' AND LH.[Lmo] >= '07') OR (LH.[LYR] = '$last' + 1  AND LH.[Lmo] < '07')  ORDER BY LH.[LYR] desc, LH.[Lmo] desc, LH.[Lda] desc");
$RESULT=mssql_fetch_assoc($RESULTDS);[/code]

Thanks!
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.