Jump to content

Simple login script


Toy

Recommended Posts

I've tried Googling this for a long time but I only find complete member systems with ugly code, not something i'm looking for.

 

What I am looking for is just a simple tutorial or commented code to make a admin login.

 

What it's going to do is just:

 

Loading a MD5 salt hasched password from my MYSQL database.

You'll get to fill in one field: Password. If it validates with the MYSQL password it'll show the hidden content; if not it'll just give a "not correct error".

 

That's basicly it. I have only one page of secret admin stuff so yeah.. it would be awesome to have the ability to logout and I of curse want to have everything in sessions!

 

It would be to big help! :)

Link to comment
Share on other sites

You want to check only a password? What if there is more than one user with the same password?

 

No! The thing is that there's only going to be one user - me. It's not going to be some multi user platform, just a simple one password form for me! :)

Link to comment
Share on other sites

You want to check only a password? What if there is more than one user with the same password?

 

No! The thing is that there's only going to be one user - me. It's not going to be some multi user platform, just a simple one password form for me! :)

Maybe .htaccess is something for you in that case?

Link to comment
Share on other sites

You want to check only a password? What if there is more than one user with the same password?

 

No! The thing is that there's only going to be one user - me. It's not going to be some multi user platform, just a simple one password form for me! :)

Maybe .htaccess is something for you in that case?

 

Eh.. what? What has .htaccess anything to do with this, well.. you can allow only certain IP's and such but that's not something i'm trying to do.

 

I just want a php script doing this!

Link to comment
Share on other sites

modify as needed - it should suffice...

 

<?php
$user = strip_tags(substr($_POST['user'],0,32));
$pw = strip_tags(substr($_POST['password'],0,32));
$cleanpw = crypt(md5($pw),md5($user));

$sql = "select user,password from users 
	where user='". mysql_real_escape_string($user)."' 
	and password='". mysql_real_escape_string($cleanpw)."' 
	limit 1';
$result = mysql_query($sql);

if (mysql_num_rows($result)){
	//we have a match!
}else{
	//no match
}
?>

source = http://www.ibm.com/developerworks/opensource/library/os-php-encrypt/

Link to comment
Share on other sites

Loading a MD5 salt hasched password from my MYSQL database.

You'll get to fill in one field: Password. If it validates with the MYSQL password it'll show the hidden content; if not it'll just give a "not correct error".

 

I didn't test it to see if it works, but here goes (just replace table names and other stuff with the ones you have).

 

<?php

//Allowing session vars
session_start();

//Connecting to a MySQL DB
$connection = @ mysql_connect('host', 'user', 'pass') or die('Error: cannot connect database.');
mysql_select_db('dbname', $connection);

//Retrieving the value typed on a form textbox (I'm assuming there was a form on the previous page, with a "password" field)
$typed_password = '';
if (isset($_POST['txtPassword'])) $typed_password = trim($_POST['txtPassword']);

//Hash the data retrieved from the form field, to compare with the hashed value in the DB table field.
//Note that I didn't salt this one, that's gonna be up to you, if the one recorded on the table is salted.
$hashed_password = hash('md5', $typed_password);

//Querying for the user name, comparing the typed password with the one on the BD
$sql = 'SELECT theTable.theName FROM theTable WHERE (theTable.thePassword="' . $hashed_password . '");';
$success = @ mysql_query($sql) or die('Error retrieving data.');

if (mysql_num_rows($success) > 0) {

//Success! Get the user name, and...
$userdata = mysql_fetch_array($success);

//... create all necessary session vars.
//You can use this one to check every page if you are still logged in
$_SESSION['loggedin'] = 'yes';
//And this one, just for display purposes
$_SESSION['username'] = $userdata['name'];
//Just for display
echo 'Welcome back, ' . $_SESSION['username'] . '.';

}

else {

        //Password didn't match.
echo 'Wrong password.';

}

//Closing query and connection to DB
mysql_free_result($success);
mysql_close($connection);

?>

 

Link to comment
Share on other sites

http://www.youtube.com/user/phpacademy#p/c/7C9AFC3942AC8E40/0/4oSCuEtxRK8

 

Best tutorial ever, chimps now know how to do a log in page with PHP because of this tutorial! Check out the rest of his stuff. I've bought a book, read it, typed out all its code, looked at every page on the internet, posted on multiple forums and learnt more in half an hour from this guy than in 4 hours with the other stuff. He explains things simply and it's free.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.