User authentication using PHP
Authentication using PHP only
<?php
// -------------- define functions -----------------
function isvalid($user, $password, $connection) {
// checking if the user's login name and password are in DB
// get rid of extra spaces in user name
$user = trim($user);
$find_user = "SELECT * FROM wp_users WHERE user_login = '$user'
AND user_pass = MD5('$password');";
if (! ($result = @mysql_query($find_user, $connection))) {
showerror();
}
if (mysql_num_rows($result) < 1) return false;
else return true;
}
function print_login_form() {
$handler = "authenticate/check_password.php";
$form_string = "
<form name=\"theform\" method=\"POST\"
action=\"http://rynite.morris.umn.edu/~elenam/1101_fall06/php_examples/$handler\">
<table border=\"0\">
<tr>
<td>Enter your user name:</td>
<td>
<input type = \"text\" name = \"user\">
</td>
</tr>
<tr>
<td>Enter your password:</td>
<td>
<input type = \"password\" name = \"password\">
</td>
</tr>
<tr>
<td>
<input type=\"submit\" name = \"submit\" value=\"submit\">
</td>
</tr>
</table>
</form><br/>
";
print $form_string;
}
function showerror()
{
die("Error ". mysql_errno(). " : " .mysql_error());
}
// ---------------- end of functions -----------------
// getting the form data
$user = $_POST['user'];
$password = $_POST['password'];
?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--
Checking if the user's login name and apssword are in the database
Author: Elena Machkasova elenam@morris.umn.edu
Last modified: 12/12/06
-->
<html>
<head>
<title>
Checking user's login name and password
</title>
</head>
<body>
<?php
// open DB conncetion
// connect to the server
if (! ($connection = @mysql_connect("localhost","1101readonly","readonly")))
die ("connection to the dtabase failed");
// select a database
if (!@mysql_select_db("1101fall06", $connection)) showerror();
if (isset($user) && isvalid($user, $password, $connection)) {
print "Welcome, $user!<br/>\n";
} else {
print_login_form();
}
// close DB connection
@mysql_close($connection);
?>
</body>
</html>
http://rynite.morris.umn.edu/~elenam/1101_fall06/php_examples/authenticate/check_password.php
UMM CSci 1101