Re: Password Protection] -- My solution

"Mailit, LLC" <mailitbiz@xxxxxxxxxxxxx> · Thu, 17 Feb 2005 09:58:12 -0700

--- Begin Message ---

To: Kevin Javia <kevin@xxxxxxxxxxxxxxxxx>
Subject: Re:  Password Protection
From: "Mailit, LLC" <mailitbiz@xxxxxxxxxxxxx>
Date: Thu, 17 Feb 2005 09:36:18 -0700
In-reply-to: <20050217033108.84935.qmail@lists.php.net>
References: <20050217033108.84935.qmail@lists.php.net>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6b) Gecko/20031205 Thunderbird/0.4

Here is the setup that I have used.

Please, adapt to your needs.

Table 'theTable' is supposed to contain columns fname, mname, lname

and ePass (encrypted password). The crypt() function produces a password 
that

cannot be decrypted and really works well.

Of course, you need to use crypt() in the PHP script that creates a row in

'theTable'.

<?php

#-------------------------------------- code starts here 
---------------------------------#

$action = $_POST[action];

if( !empty( $action ) )

{

   $userName = $_POST[userName];

   $passw    = $_POST[passw];

   # Bring the encrypted password and creation date from database:

   $cmd = "SELECT * FROM theTable "
       .  "WHERE userName='$userName' ";
   $res = mysql_query( $cmd ) or die( "Password search failed." );
   $numRows = mysql_num_rows( $res );
   if( $numRows == 0 )
   {
       print( "$userName not a valid user name.<BR>" );
       exit;
   }
   $rec = mysql_fetch_array( $res );
   $privLevel = $rec[level];
   $nome = $rec[fname]." ".$rec[mname]." ".$rec[lname];

   # Encrypt the password:
   $passe = crypt( $passw, $rec[ePass] );

   if( $passe == $rec[ePass] )
   {
         /* Bring up the home page */
         print( "<h2>WELCOME TO MY HOME PAGE</h2>" );
       exit;
   }
   else
   {
       $retry = 1;
   }
}

   if( $retry )
       print("<br><h3>Incorrect Login - Please, try again.</h3><br>");
   ?>

   <FORM ACTION="<? print( $_SERVER[PHP_SELF] ); ?>" METHOD="POST" >
       <INPUT TYPE="hidden" NAME="action" VALUE="login">

       <table align=center>

           <tr>

               <td>

                   <B>User Name :</B>

               </td><td>

                   <INPUT TYPE="text" NAME="userName" SIZE="20">

               </td>

           </tr><tr>

               <td>

                   <B>Password :</B>

               </td><td>

                   <INPUT TYPE="password" NAME="passw" SIZE="20">

              </td>

           </tr>

       </table>

       <br>

       <P align=center>

       <INPUT TYPE="submit" VALUE="Login" STYLE="width:120;height:25">

       </P>

   </FORM>

<!-- ----------------------------- code ends here 
---------------------------------------- -->

Mario

Kevin Javia wrote:

I am experimenting on my site and I want to make it password protected like
www.realsolution.com.

If any one enters correct user name and password, only then they will be
able to enter into my site.

How can I do that in PHP?

Any ideas? Thanks a ton in advance.

--- End Message ---
-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php