PDA

View Full Version : login password case sensitive ?


amanke
09-08-2007, 05:07 PM
David,
Your video tutorials are EXCELLENT.

I would like the password to be case sensitive like traditional passwords. I saw something about Collate but I tried adding it to the login page but it didn't work. I have viewed all of your tutorials and I would love more.

Thanks
Art

davidj
09-08-2007, 09:42 PM
use this...


$no1 = "Test"; //<< this would be taken from the database
$no2 = "Test"; //<< this would be from the form field

// here we are using a string compare function which is case sensitive and
//you are comparing the 2 vars in the function. If they match then the
//function will run any code in the braces.

if(!(strcmp($no1, $no2))){

// do stuff here if it matches + case

}


or you could use an equality test


if($no1 == $no2){

// run code here if true

}

amanke
09-08-2007, 11:49 PM
David,
I tried your 2 suggestions but I am very new and I did something wrong because they didn't work. Your help is greatly appreciated.
Here is my code (really your code):

<?php
require_once("connection.php");
//The above was connection.php
session_start ();
$userid = $_POST['userid'];
$upassword= $_POST['upassword'];
$submitted = $_POST['submitted'];
////////////////////////////////////
if ($userid && $upassword ){
$query = sprintf("Select * From users where user_name = '$userid' and user_password ='$upassword'");
$result = @mysql_query($query);
$rowAccount = @mysql_fetch_array($result);
/////////////////////////////////
}
if ($rowAccount){
$_SESSION ['id'] = $rowAccount ['user_id'];
header ("location: welcome.php");
exit;
}elseif($submitted){
echo "Sorry but we can't find you in our database";
}
?>

Thanks

owner
09-08-2007, 11:52 PM
What error code do you get when you run the script?

Also, try to use the CODE tags next time please :)

davidj
09-09-2007, 12:04 AM
owner

i hand you the baton on this one

owner
09-09-2007, 12:12 AM
owner

i hand you the baton on this one

Lol, I feel useful :D

amanke
09-09-2007, 02:06 AM
Sorry Gentlemen,
I posted David's code that works but I tried to implement his suggested code for case sensitive passwords and below was my failed attempt. I am very new at php code so thanks for any help.

<?php
require_once("connection.php");
//The above was connection.php
session_start ();
$userid = $_POST['userid'];
$upassword= $_POST['upassword'];
$submitted = $_POST['submitted'];
////////////////////////////////////
if ($userid && $upassword ){
$query = sprintf("Select * From users where user_name = '$userid' and user_password ='$upassword'");
$result = @mysql_query($query);
$rowAccount = @mysql_fetch_array($result);
/////////////////////////////////
}
if ($rowAccount){
$no1 = $rowAccount ['$user_password'];
$no2 = $upassword;
if($no1 == $no2){
$_SESSION ['id'] = $rowAccount ['user_id'];
header ("location: welcome.php");
exit;
}}elseif($submitted){
echo "Sorry but we can't find you in our database";
}
?>

owner
09-09-2007, 02:15 AM
Sorry Gentlemen,
I posted David's code that works but I tried to implement his suggested code for case sensitive passwords and below was my failed attempt. I am very new at php code so thanks for any help.

<?php
require_once("connection.php");
//The above was connection.php
session_start ();
$userid = $_POST['userid'];
$upassword= $_POST['upassword'];
$submitted = $_POST['submitted'];
////////////////////////////////////
if ($userid && $upassword ){
$query = sprintf("Select * From users where user_name = '$userid' and user_password ='$upassword'");
$result = @mysql_query($query);
$rowAccount = @mysql_fetch_array($result);
/////////////////////////////////
}
if ($rowAccount){
$no1 = $rowAccount ['$user_password'];
$no2 = $upassword;
if($no1 == $no2){
$_SESSION ['id'] = $rowAccount ['user_id'];
header ("location: welcome.php");
exit;
}}elseif($submitted){
echo "Sorry but we can't find you in our database";
}
?>

Again, please use the CODE tags, but here is your problem.

if ($rowAccount){
$no1 = $rowAccount ['$user_password'];
$no2 = $upassword;
if($no1 == $no2){
$_SESSION ['id'] = $rowAccount ['user_id'];
header ("location: welcome.php");
exit;
}}elseif($submitted){
echo "Sorry but we can't find you in our database";
}This is what it should be.


if($no1 == $no2){
$_SESSION ['id'] = $rowAccount ['user_id'];
header ("location: welcome.php");
exit;
}elseif($submitted){
echo "Sorry but we can't find you in our database";
}I may be wrong as I am new to this, so post a reply back if it doesn't, but what you did wrong was you had the {} mixed up and you didn't have to use both of David's codes, just one or the other.

Give that ago, try to learn what you did wrong by comparing both sources and see what happens.

Feel free to post back :)
-Owner

amanke
09-09-2007, 03:23 AM
I followed all of David's video tutorials and entered the code and tested and everything worked until he added "sessions". When I pressed F12 things wouldn't run on my local server but when I uploaded to my website they worked. So all of his code worked on my website but not on my xp local server. When I tried to add the code for case sensitive password the page will not load. I tried your suggestion and it didn't help. You mentioned error tags and I don't know how to give these to you. When I go to my website with Firefox I get this message:

The page isn't redirecting properly


Firefox has detected that the server is redirecting the request for this address in a way that will never complete.


* This problem can sometimes be caused by disabling or refusing to accept
cookies.

owner
09-09-2007, 03:34 AM
It sounds like the security that you have on firefox is maxed and isn't allowing session cookies. Try lowering your security for a second, test the page, then if it works, you know it is your security level. If not, then put your security back up.

Note: if your security levels turn out to be high, slowly adjust your security level back up till it keeps working so that you still browse securely.

amanke
09-09-2007, 04:50 AM
I tried changing the security level and nothing helped. I really don't think that is the solution because everything works on the first code I posted here but not on the second code and both are the same except for the modification to take care of case sensitive passwords. I really do thank you for all of your help.

owner
09-09-2007, 04:57 AM
So, if you remove the code that sees if the passwords are case sensitive that is when you get this error?

davidj
09-09-2007, 10:30 AM
ok

im sorry amanke

i didnt have time to check out your problem and passed the baton to owner who is a newbee himself. Sorry for the stress owner

ok post the code you have now amanke

amanke
09-09-2007, 01:59 PM
David & Owner,
Thank you both for your help. Here is the code that doesn't work.

<?php
require_once("connection.php");
//The above was connection.php
session_start ();
$userid = $_POST['userid'];
$upassword= $_POST['upassword'];
$submitted = $_POST['submitted'];
////////////////////////////////////
if ($userid && $upassword ){
$query = sprintf("Select * From users where user_name = '$userid' and user_password ='$upassword'");
$result = @mysql_query($query);
$rowAccount = @mysql_fetch_array($result);
/////////////////////////////////
}
$no1 = $rowAccount ['$user_password'];
$no2 = $upassword;
if($no1 == $no2){
$_SESSION ['id'] = $rowAccount ['user_id'];
header ("location: welcome.php");
exit;
}elseif($submitted){
echo "Sorry but we can't find you in our database";
}
?>

davidj
09-09-2007, 09:25 PM
ok so whats happening here

is it matching and still allowing access

amanke
09-09-2007, 09:54 PM
If I remove David's suggested code:

$no1 = $rowAccount ['$user_password'];
$no2 = $upassword;
if($no1 == $no2){

and replace that with the orginal code from David's tutorial:

if ($rowAccount){

the page loads and works but of course the password isn't case sensitive.

davidj
09-09-2007, 09:57 PM
if you leave it in

(my code)

what happens?

amanke
09-10-2007, 12:25 AM
I get the following:

The page isn't redirecting properly








Firefox has detected that the server is redirecting the request for this address in a way that will never complete.





* This problem can sometimes be caused by disabling or refusing to accept
cookies.

davidj
09-10-2007, 06:39 AM
try it in IE

amanke
09-10-2007, 01:43 PM
In IE it says the page can't be displayed. I found (by accident) that the reason the page won't load is because it goes into a loop. On your welcome page, you have the "back door prevention code" that keeps one from attempting to get into the welcome without loging in by redirecting back to the login page. I will spend more time tonight trying to solve this because I feel bad that you are having to spend your time. Thank you so much for your help.