Hot Scripts Forums - View Single Post - Login script

Keyne · #6 (**permalink**) 06-05-08, 12:16 PM

Quote:

Originally Posted by Deansatch

ah! Ok. Thanks a lot. If I md5 the passwords, how would I be able to send out password reminders? Can php decode them again?

You have to generate other password and change, MD5 is one-way encrypt

About your script, I have some sugestions, look:

PHP Code:


			
<?php
# THIS CAN STAY IN config.php
session_start();

require("../config/config.php");

# THIS CAN STAY IN config.php
$connection = mysql_connect($host, $usr, $pwd)or die("cannot connect");
mysql_select_db($db)or die("cannot select DB");

$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);


$query = mysql_query("SELECT * FROM users WHERE username ='$username' and password = '$password'");
$count = mysql_num_rows($query);

if($count == 1) {

    $r = mysql_fetch_assoc($query);

    $_SESSION['id'] = $r['id']; 
    $_SESSION['username'] = $r['username'];
    
    header("location: http://.../welcome.php");

}

else {
    header("location: http://.../error.php");
}  
?>

The login check:

PHP Code:


			
<?php
# THIS CAN STAY IN config.php
session_start();

require('../config/config.php');

if (empty($_SESSION['username']) || empty($_SESSION['id'])) {
    header("location: http://.../error.php");
    exit();
}
?>

Do a test!