PDA

View Full Version : how to verify a password?


Antony
04-04-2010, 05:02 PM
This is driving me nuts, so Im hoping someone can help me out.
I've created an sql database to allow users to log in to a website. The database currently contains the following columns in the table:
firstname
lastname
email address
user name
password
choose password
verify password

There is a registration form on the webpage which contains the following entries:
firstname
lastname
email address
user name
choose password
verify password

Ok my problems ares these.
First do I require a seperate column in the table in the database for the 'password', 'choose password' and 'verify password'?
How can I get the registration form to 'verify' the password that has been choosen?
If I do need 'password', choose password', and verify password' in the database, how do I get the 'verified' password into the 'password' column?
Im using dreamweaver cs4. Its been a steep climb getting everything working and this is (hopefully) the final hurdle.
Ive still yet to give users the option of recovering their password, but untill I get past this lot I wont look at that.
Anyway can anyone help please?
Antony

tux
04-04-2010, 11:04 PM
Firstly, are you just using DW to write your code or are you writing it yourself?

Next, which coding language are you using?

Regardless, when the user submits the form you should check to see if email and check email fields are equal.

If you are using PHP then it would be like this.....

<?php

$email = $_POST['email'];//users email
$confirm_email = $_POST['confirm_email'];// users confirmed email


if($email = $confirm_email){
//do stuff here
}
?>

Hope that helps your logic.

Antony
04-05-2010, 05:13 AM
Hi,
Im primarily using dreamweaver, however I know it is limited. The page it is going on is a PHP page so Im willing to have a go at learning something new. (Well its all new to me anyway so learning something additionally new isn't going to harm :) ).
This originally started out as a nice plaine simple project for my brother but he keeps asking can you just do this? or this? lol Still I am learning and whats more Im enjoying the challenge.

tux
04-05-2010, 02:56 PM
Did you understand this or do you need more help?

Antony
04-05-2010, 05:07 PM
Hi. Sorry for the delay. Ive been out all day. I understand what the code is doing. Im just not sure where to insert it.

Antony

tux
04-05-2010, 05:41 PM
Post the code you have so far.

Antony
04-05-2010, 06:55 PM
Thanks Tux. I'll post it shortly - more likeley tomorrow morning as Im wacked. Had a long day stuck on the motorway.

Antony

Antony
04-05-2010, 07:04 PM
Ok you know what they say - why put off till tomorrow. Anyway here is the code so far:

<?php require_once('Connections/login.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['verifypassword'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "para1.php";
$MM_redirectLoginFailed = "sorry1.html";
$MM_redirecttoReferrer = false;
mysql_select_db($database_login, $login);

$LoginRS__query=sprintf("SELECT username, password FROM login WHERE username=%s AND password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

$LoginRS = mysql_query($LoginRS__query, $login) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>registration</title>
<link href="main.css" rel="stylesheet" type="text/css" /><!--[if IE 5]>
<style type="text/css">
/* place css box model fixes for IE 5* in this conditional comment */
.twoColFixLtHdr #sidebar1 { width: 230px; }
</style>
<![endif]--><!--[if IE]>
<style type="text/css">
/* place css fixes for all versions of IE in this conditional comment */
.twoColFixLtHdr #sidebar1 { padding-top: 30px; }
.twoColFixLtHdr #mainContent { zoom: 1; }
/* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */
</style>
<![endif]-->
<link href="includes/skins/mxkollection3.css" rel="stylesheet" type="text/css" media="all" />
<script src="includes/common/js/base.js" type="text/javascript"></script>
<script src="includes/common/js/utility.js" type="text/javascript"></script>
<script src="includes/skins/style.js" type="text/javascript"></script>
</head>
<body class="twoColFixLtHdr">
<div id="container">
<div id="header">
<h1 align="center">Peter Wright</h1>
<!-- end #header -->
</div>
<div id="sidebar1">
<h3>Content</h3>
<p>Home</p>
<!-- end #sidebar1 -->
</div>
<div id="mainContent">
<h1 align="center"> Registration </h1>
<p>&nbsp;</p>
<form action="<?php echo $loginFormAction; ?>" id="registration" name="registration" method="POST">
<p>First Name:
<input type="text" name="firstname" id="firstname" />
</p>
<p>Last Name:
<input type="text" name="lastname" id="lastname" />
</p>
<p>Email Address:
<input type="text" name="emailaddress" id="emailaddress" />
</p>
<p>User Name:
<input type="text" name="username" id="username" />
</p>
<p>Choose Password:
<input type="password" name="choosepassword" id="choosepassword" />
</p>
<p>Verify Password:
<input type="password" name="verifypassword" id="verifypassword" />
</p>
<p align="center">
<input type="submit" name="submit" id="submit" value="Submit" />
</p>
<input type="hidden" name="MM_insert" value="registration" />
</form>
</div>
</label>
</p>
<p align="left">
<label> </label>
</p>
<div align="left">
<div align="justify">
<div align="center">
<!-- end #mainContent -->
</div>
</div>
</div>
</div>
<div align="left">
<div align="justify">
<div align="center">
<!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats -->
<br class="clearfloat" />
<div id="footer">
<p>Footer</p>
<!-- end #footer -->
</div>
<!-- end #container -->
</div>
</div>
</div>
</div>
</body>
</html>