Question:
php web development help!?
Jake
2012-04-18 18:47:44 UTC
I'm creating a log in system for my website.. i'm a little confused about the road map of the php code... I'll post my code for you to see in a bit... So i have my home page (index.html) which is also where login is at.. If they get username and/or passcode wrong i have it shooting them back to index.. But the part connecting to database information is quite confusing for some reason.. (i'm not experienced in php)

heres the code for page to connect to after login.. (ik i has the php code correct on index :p)

session_start();

if(isset($_SESSION['username']) && isset(['password'])){

include("config/external.php");
$connection = mysql_connect($db_host, $db_username, $db_password);
mysql_select_db($db_name, $connection);

$doCheck = mysql_query("members");
if(mysql_num_rows != 1){
header("location: index.html");
}
}else{
header("location: index.html");
}

here is my database... and if someone could introduce me as to how i can hash that would be great!

CREATE TABLE `members` (
`id` int(4) NOT NULL auto_increment,
`username` varchar(65) NOT NULL default '',
`password` varchar(65) NOT NULL default '',
PRIMARY KEY (`id`)
) TYPE=MyISAM AUTO_INCREMENT=2 ;

--
-- Dumping data for table `members`
--

INSERT INTO `members` VALUES (1, '**** *******', *********');
INSERT INTO`members` VALUES (2, '***** ******', '***********');

Call this file database.php if you will... is .php the correct extension? or does it need to be some sql extension?
Three answers:
2012-04-18 19:04:05 UTC
You need to either write the sql into the admin interface whichever you have, or for some of them you can run it from a local scripts. Easiest is to write a php page for that. Then delete the file once it is set up, big security issues otherwise.NEVER store the passwords in clear text, You MUST encrypt them. Then compare the encrypted login password with the stored copy. Also try to put all your code scripts in externally non readable folders. Otherwise an attacker may get to read them a find way into your site. And before you risk anything allowing user logins, you need to tidy up your scripting. You have unbalanced braces. And security will become a serious problem if you do not keep tight control on the data. You can not cal "members" in the mysql_query, you ned a proper select or simo=ilar. READ the php manual, and the mysql.
nicefx
2012-04-18 18:57:25 UTC
every file which contain PHP code must saved with .php extension.

your code which have error :



$doCheck = mysql_query("members");

if(mysql_num_rows != 1){

header("location: index.html");

}

}else{

header("location: index.html");

}



error on mysql_query() and mysql_num_rows()

please check here : http://php.net/manual/en/function.mysql-num-rows.php

make a habit : always refer to php & mysql manuals. you can download them or read them online
satornino
2016-10-03 01:43:34 UTC
nicely there are alot of agencies giving outsourcing, the greater low-priced are the freelancers, yet once you acquire a companny and you like to shrink your fee greater effective than 0.5 of the fee you may touch agencies from India, Costa Rica or China, it relies upon of the money you have or source you like.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...