Jump to content

help with a very basic user sign up/ login/confirmation script for practice

stevew

By stevew
in PHP Coding Help

Recommended Posts

stevew Member

stevew

Posted
Posted

I have the following script working as intended...just wondering how would I have a user enter their username/password versus injecting the info via $SQL = "INSERT INTO ?

 

<?PHP

 

$user_name = "";

$password = "";

$database = "";

$server = "127.0.0.1";

$db_handle = mysql_connect($server, $user_name, $password);

$db_found = mysql_select_db($database, $db_handle);

 

if ($db_found) {

$SQL = "INSERT INTO tb_address_book (Username, Password) VALUES ('bill','billspassword')";

$SQL = "SELECT * FROM login_test";

$result = mysql_query($SQL);

 

while ($db_field = mysql_fetch_assoc($result)) {

print $db_field['ID'] . "<BR>";

print $db_field['Username'] . "<BR>";

print $db_field['Password'] . "<BR>";

}

 

$result = mysql_query($SQL);

 

 

 

mysql_close($db_handle);

 

}

else {

print "Database NOT Found ";

mysql_close($db_handle);

}

 

?>

 

 

 

This is the login part I am playing with. Obviously it needs to access the login_test table to confirm the user/passwords...currently it is just manually checking "itself" which is not feasible unless I am going to code in every user on the site.

 

<?PHP

if (isset($_POST['Submit1'])) {

$username = $_POST['username'];

$password = $_POST['password'];

 

if ($username == "bill" && $password =="billspassword")  {

print ("Welcome back, friend!");

}

else if ($username == "tom" && $password =="tomspassword")  {

print ("Welcome back, friend!");

}

else {

print ("You're not a member of this site");

}

}

 

 

else {

$username ="";

}

 

 

?>

</head>

<body>

<Form name ="form1" Method ="POST" Action ="login_form.php">

 

<Input Type = "text" VALUE="<?PHP print $username ; ?>" Name ="username">

<Input Type = "text" VALUE="<?PHP print $password ; ?>" Name ="password">

<Input Type = "Submit" Name = "Submit1" Value = "Login">

</FORM>

</body>

</html>

Jakebert Member

Jakebert

Posted
Posted

You can actually insert PHP variables into MySQL queries by placing single quotes around them like this:

 

<?php
$sql = mysql_query ("SELECT COUNT (*) FROM login_test WHERE username = '$username' AND password = '$password'");
$rows = mysql_fetch_array($sql);?>

 

The code above will look through your table and see how many rows exist with the username and password entered. If the the number is one (i.e. the login was correct), then you can log them in:

<?php
if ($rows[0]) == 1)
  {
print ("Welcome back, friend!");
}
else {
print("You aren't logged in!");
}

?>

 

Hope that answers your question!

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.