wq321's Avatar
Newbie Member
how do i validate this log in code with an access database?
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
Quote:
Originally Posted by wq321
how do i validate this log in code with an access database?
You already have a thread relating to the same and we will have discussion relating to that there.

login with access database
ted_chou12's Avatar, Join Date: Nov 2006
Go4Expert Member
One problem that I found out when using this script, please see the yellow text:
PHP Code:
<?php 

function createsessions($username,$password

    
//Add additional member to Session array as per requirement 
    
session_register(); 

    
$_SESSION["gdusername"] = $username
    
$_SESSION["gdpassword"] = md5($password); 
     
    if(isset(
$_POST['remme'])) 
    { 
        
//Add additional member to cookie array as per requirement 
        
setcookie("gdusername"$_SESSION['gdusername'], time()+60*60*24*100"/"); 
        
setcookie("gdpassword"$_SESSION['gdpassword'], time()+60*60*24*100"/"); //the cookie is stored improperly, and this should be $password instead of md5 coded password*************************************
        
return; 
    } 


function 
clearsessionscookies() 

    unset(
$_SESSION['gdusername']); 
    unset(
$_SESSION['gdpassword']); 
     
    
session_unset();     
    
session_destroy(); 

    
setcookie ("gdusername""",time()-60*60*24*100"/"); 
    
setcookie ("gdpassword""",time()-60*60*24*100"/"); 


function 
confirmUser($username,$password

    
$md5pass md5($password); //this causes problem when working with md5 coded password already.

    /* Validate from the database but as for now just demo username and password */ 
    
if($username == "demo" && $password "demo"
        return 
true
    else 
        return 
false


function 
checkLoggedin() 

    if(isset(
$_SESSION['gdusername']) AND isset($_SESSION['gdpassword'])) 
        return 
true
    elseif(isset(
$_COOKIE['gdusername']) && isset($_COOKIE['gdpassword'])) 
    { 
        if(
confirmUser($_COOKIE['gdusername'],$_COOKIE['gdpassword'])) 
        { 
            
createsessions($_COOKIE['gdusername'],$_COOKIE['gdpassword']); 
            return 
true
        } 
        else 
        { 
            
clearsessionscookies(); 
            return 
false
        } 
    } 
    else 
        return 
false

?>
Since cookie is already stored as md5, and you are encrypting it twice, therefore the passwords will not match with that from the db. I found this problem when using the script and thought it was the problem of my server. Please make this change if you are using it, and I have to admit, this is a nice login script, very neat and clean.
Hope that helped. >> NetFriending.com <<
Ted
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
That was the same or similar mistake pointed out and as confirmUser is called always with encrypted password now we can safely remove that line. I am removed it. Thanks for pointing it out.
ted_chou12's Avatar, Join Date: Nov 2006
Go4Expert Member
opps, is this mistake already being mentioned by somebody?
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
Quote:
Originally Posted by ted_chou12
opps, is this mistake already being mentioned by somebody?
The variable was anyway not needed but kept there.
saimt's Avatar, Join Date: Nov 2007
Newbie Member
hello shabbir when i'm tring to use the code its giveing me an error of
the header file already sent ...

could u please help me
pradeep's Avatar, Join Date: Apr 2005
Team Leader
Solution:
At the starting of the file put this code
Code: PHP
ob_start();
gary4s's Avatar, Join Date: Apr 2008
Newbie Member
Hi all

Great site. I have tried this script and it works great. I am a newbie to php and would like some pointers on how to validate username and password from the database.

Thanks Gary
pradeep's Avatar, Join Date: Apr 2005
Team Leader
What database are you using??