Jump to content

Encrypted Login Help

Defibber

By Defibber
in PHP Coding Help

Recommended Posts

Defibber Newbie

Defibber

Posted
Posted

Ok, I have a problem that directly relates to http://www.phpfreaks.com/forums/index.php/topic,175920.0.html but he had solved it himself but didn't post the solution.  I think I might have come to the correct solution but it causes an error in Dreamweaver.  When I make a change it creates a second Server Behavior that is Identical and it won't let you delete one.

 

I think I want to do something like this: (I added the password()

  
<?php

### Full script below in next code.
$LoginRS__query=sprintf("SELECT username, password, level FROM users WHERE username=%s AND password=MD5(%s)"
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
?>

 

Any Ideas?  I tried E-Mailing the Person that had the post but it is an invalid E-Mail.

 

<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "level";
  $MM_redirectLoginSuccess = "file:///W|/websites/MySite/index.php";
  $MM_redirectLoginFailed = "file:///W|/websites/MySite/unauth.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_MySite, $MySite);
  	
  $LoginRS__query=sprintf("SELECT username, password, level FROM users WHERE username=%s AND password=%s"
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $MySite) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    $loginStrGroup  = mysql_result($LoginRS,0,'level');
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

Link to comment
https://forums.phpfreaks.com/topic/99413-encrypted-login-help/
Share on other sites
Defibber Newbie

Defibber

Posted
  • Author
Posted

Ok, I think I got it figured out.  I used this code:

 

.........if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=md5($_POST['password']);
  $MM_fldUserAuthorization = "level";
  $MM_redirectLoginSuccess = "index.php";
  $MM_redirectLoginFailed = "unauth.php";
  $MM_redirecttoReferrer = true;
............

 

I also found out the hard way that password() in MySql is different than md5()

 

Thanks Anyways

Link to comment
https://forums.phpfreaks.com/topic/99413-encrypted-login-help/#findComment-509784
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.