Toy Posted September 10, 2010 Share Posted September 10, 2010 I've tried Googling this for a long time but I only find complete member systems with ugly code, not something i'm looking for. What I am looking for is just a simple tutorial or commented code to make a admin login. What it's going to do is just: Loading a MD5 salt hasched password from my MYSQL database. You'll get to fill in one field: Password. If it validates with the MYSQL password it'll show the hidden content; if not it'll just give a "not correct error". That's basicly it. I have only one page of secret admin stuff so yeah.. it would be awesome to have the ability to logout and I of curse want to have everything in sessions! It would be to big help! Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted September 10, 2010 Share Posted September 10, 2010 You want to check only a password? What if there is more than one user with the same password? Quote Link to comment Share on other sites More sharing options...
Toy Posted September 10, 2010 Author Share Posted September 10, 2010 You want to check only a password? What if there is more than one user with the same password? No! The thing is that there's only going to be one user - me. It's not going to be some multi user platform, just a simple one password form for me! Quote Link to comment Share on other sites More sharing options...
NLCJ Posted September 10, 2010 Share Posted September 10, 2010 You want to check only a password? What if there is more than one user with the same password? No! The thing is that there's only going to be one user - me. It's not going to be some multi user platform, just a simple one password form for me! Maybe .htaccess is something for you in that case? Quote Link to comment Share on other sites More sharing options...
Toy Posted September 10, 2010 Author Share Posted September 10, 2010 You want to check only a password? What if there is more than one user with the same password? No! The thing is that there's only going to be one user - me. It's not going to be some multi user platform, just a simple one password form for me! Maybe .htaccess is something for you in that case? Eh.. what? What has .htaccess anything to do with this, well.. you can allow only certain IP's and such but that's not something i'm trying to do. I just want a php script doing this! Quote Link to comment Share on other sites More sharing options...
Toy Posted September 10, 2010 Author Share Posted September 10, 2010 bump Quote Link to comment Share on other sites More sharing options...
litebearer Posted September 10, 2010 Share Posted September 10, 2010 modify as needed - it should suffice... <?php $user = strip_tags(substr($_POST['user'],0,32)); $pw = strip_tags(substr($_POST['password'],0,32)); $cleanpw = crypt(md5($pw),md5($user)); $sql = "select user,password from users where user='". mysql_real_escape_string($user)."' and password='". mysql_real_escape_string($cleanpw)."' limit 1'; $result = mysql_query($sql); if (mysql_num_rows($result)){ //we have a match! }else{ //no match } ?> source = http://www.ibm.com/developerworks/opensource/library/os-php-encrypt/ Quote Link to comment Share on other sites More sharing options...
AParson Posted September 10, 2010 Share Posted September 10, 2010 Loading a MD5 salt hasched password from my MYSQL database. You'll get to fill in one field: Password. If it validates with the MYSQL password it'll show the hidden content; if not it'll just give a "not correct error". I didn't test it to see if it works, but here goes (just replace table names and other stuff with the ones you have). <?php //Allowing session vars session_start(); //Connecting to a MySQL DB $connection = @ mysql_connect('host', 'user', 'pass') or die('Error: cannot connect database.'); mysql_select_db('dbname', $connection); //Retrieving the value typed on a form textbox (I'm assuming there was a form on the previous page, with a "password" field) $typed_password = ''; if (isset($_POST['txtPassword'])) $typed_password = trim($_POST['txtPassword']); //Hash the data retrieved from the form field, to compare with the hashed value in the DB table field. //Note that I didn't salt this one, that's gonna be up to you, if the one recorded on the table is salted. $hashed_password = hash('md5', $typed_password); //Querying for the user name, comparing the typed password with the one on the BD $sql = 'SELECT theTable.theName FROM theTable WHERE (theTable.thePassword="' . $hashed_password . '");'; $success = @ mysql_query($sql) or die('Error retrieving data.'); if (mysql_num_rows($success) > 0) { //Success! Get the user name, and... $userdata = mysql_fetch_array($success); //... create all necessary session vars. //You can use this one to check every page if you are still logged in $_SESSION['loggedin'] = 'yes'; //And this one, just for display purposes $_SESSION['username'] = $userdata['name']; //Just for display echo 'Welcome back, ' . $_SESSION['username'] . '.'; } else { //Password didn't match. echo 'Wrong password.'; } //Closing query and connection to DB mysql_free_result($success); mysql_close($connection); ?> Quote Link to comment Share on other sites More sharing options...
Namtip Posted September 11, 2010 Share Posted September 11, 2010 http://www.youtube.com/user/phpacademy#p/c/7C9AFC3942AC8E40/0/4oSCuEtxRK8 Best tutorial ever, chimps now know how to do a log in page with PHP because of this tutorial! Check out the rest of his stuff. I've bought a book, read it, typed out all its code, looked at every page on the internet, posted on multiple forums and learnt more in half an hour from this guy than in 4 hours with the other stuff. He explains things simply and it's free. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.