Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

beginner php/html with small problem

2»

Comments

  • #32
    teddy b123
    Registered Users, Registered Users 2 Posts: 399 ✭✭teddy b123


    can i please quickly hijack this thread? (i said please ;) )

    why does

    [PHP]if ($username && $password)
    {
    }[/PHP]

    work? do strings always evaluate to true? what would happen if someone had a username of false?


  • #33
    Webmonkey
    Registered Users, Registered Users 2 Posts: 9,579 ✭✭✭Webmonkey


    RoyalMarine wrote: »
    heh, removed them now :o

    this is what i get back when try it.

    Notice: Undefined variable: username in C:\xampp\htdocs\mike\terminate.php on line 14
    Your account has been terminated

    ive updated it to mysql_query("DELETE FROM users WHERE username ='username' ");
    It must be $username however. Otherwise you will be deleting a username named 'username' literaly.


  • #34
    Dale Parish
    Registered Users, Registered Users 2 Posts: 894 ✭✭✭Dale Parish


    RoyalMarine wrote: »
    i just dont know what needs to be there?
    Try this; 
    <?php
session_name("mysession");
session_start();
$username = $_SESSION['username'];


if(isset($username))
{
$connect = mysql_connect("localhost","root","password");
mysql_select_db("phplogin", $connect);
if (!$connect)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_query("DELETE FROM users WHERE username ='".$username."'");

mysql_close($connect);

echo "Your account has been terminated";

}
else
   die ("You must be logged in!<br> Click <a href='index.php'>here.</a> to return to the login page");
?>


  • #35
    Ricky91t
    Closed Accounts Posts: 6,281 ✭✭✭Ricky91t


    teddy b123 wrote: »
    can i please quickly hijack this thread? (i said please ;) )

    why does

    [PHP]if ($username && $password)
    {
    }[/PHP]

    work? do strings always evaluate to true? what would happen if someone had a username of false?

    It only returns true if the strings contains data.

    If you try this:

    [PHP]<?php
    $username ='false';
    $password ='false';
    if ($username && $password)
    {
    echo "strings with data, return true";
    }
    else{
    echo "strings with data,return false!";
    }

    $username1 ='';
    $password1 ='';
    if ($username1 && $password1)
    {
    echo "empty strings, return true";
    }
    else{
    echo "empty strings,return false";
    }
    ?>[/PHP]


  • #36
    RoyalMarine
    Closed Accounts Posts: 5,824 ✭✭✭RoyalMarine


    Dale Parish wrote: »
    Try this; 
    <?php
session_name("mysession");
session_start();
$username = $_SESSION['username'];


if(isset($username))
{
$connect = mysql_connect("localhost","root","password");
mysql_select_db("phplogin", $connect);
if (!$connect)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_query("DELETE FROM users WHERE username ='".$username."'");

mysql_close($connect);

echo "Your account has been terminated";

}
else
   die ("You must be logged in!<br> Click <a href='index.php'>here.</a> to return to the login page");
?>

    cheers dude, that worked perfectly without the
    session_name("mysession");

    :)


  • Advertisement
  • #37
    Dale Parish
    Registered Users, Registered Users 2 Posts: 894 ✭✭✭Dale Parish


    Oops, I should have mentioned that you give the session name to each page which will use that session :pac:


  • #38
    Dave!
    Closed Accounts Posts: 27,857 ✭✭✭✭Dave!


    I'm learning PHP too, so this thread has been informative :) I'm not doing as good as the OP, but getting there! Any tuts you'd recommend, OP?

    Cheers


  • #39
    Dale Parish
    Registered Users, Registered Users 2 Posts: 894 ✭✭✭Dale Parish


    Dave! wrote: »
    I'm learning PHP too, so this thread has been informative :) I'm not doing as good as the OP, but getting there! Any tuts you'd recommend, OP?

    Cheers
    TBH I'm still only learning PHP as well, going into my 3rd month now. I found the best help was definitely w3schools,a projects & trial and error


  • #40
    Ricky91t
    Closed Accounts Posts: 6,281 ✭✭✭Ricky91t


    Just on a side note royal marine, Use the php MD5 encryption so if your website got hacked the users passwords would be safely encrypted and the hacker should not be able to find out when their password was!(There's no way to decrypt, But you can populate a database with randomly generated strings and then compare the encrypted passwords and possibly find out what it was.)

    It would be abit like this
    [PHP]registration.php

    <?php
    $username = $_GET;
    $password = $_GET;
    $md5password = md5($password);

    $registrationQuery = mysql_query("INSERT into users (username,password)
    VALUES ('{$username}', '{$password}')");
    ?>[/PHP]
    etc

    And then when you login it would be:
    [PHP]login.php
    <?php
    $username = $_GET;
    $password = $_GET;
    $md5password = md5($password);
    $loginQuery = mysql_query("SELECT * FROM users
    WHERE username ='{$username}'
    AND password ='{$md5password}'");
    ?>[/PHP]

    You'd need to put this in your code(if you want to use it) and I think that should work, it's off the top of my head though!


  • #41
    RoyalMarine
    Closed Accounts Posts: 5,824 ✭✭✭RoyalMarine


    Dave! wrote: »
    I'm learning PHP too, so this thread has been informative :) I'm not doing as good as the OP, but getting there! Any tuts you'd recommend, OP?

    Cheers

    Were starting it in college soon, so i wanted to get a headstart. I went to w3schools.com. best place to begin.

    then i went to phpacademy on youtube, and he's an excellent source. very clear instructions and easy to follow.

    http://www.youtube.com/user/phpacademy?blend=1&ob=4

    and then of course, trial and error. any error i came up to i was able to fix by either google or ask on here. cant beat boards.ie for the helpful people that get you out of a spot of bother!
    Ricky91t wrote: »
    Just on a side note royal marine, Use the php MD5 encryption so if your website got hacked the users passwords would be safely encrypted and the hacker should not be able to find out when their password was!(There's no way to decrypt, But you can populate a database with randomly generated strings and then compare the encrypted passwords and possibly find out what it was.)

    It would be abit like this
    [PHP]registration.php

    <?php
    $username = $_GET;
    $password = $_GET;
    $md5password = md5($password);

    $registrationQuery = mysql_query("INSERT into users (username,password)
    VALUES ('{$username}', '{$password}')");
    ?>[/PHP]
    etc

    And then when you login it would be:
    [PHP]login.php
    <?php
    $username = $_GET;
    $password = $_GET;
    $md5password = md5($password);
    $loginQuery = mysql_query("SELECT * FROM users
    WHERE username ='{$username}'
    AND password ='{$md5password}'");
    ?>[/PHP]

    You'd need to put this in your code(if you want to use it) and I think that should work, it's off the top of my head though!

    im using md5 in my registration script, not the same as yours above, but i think mine is secure.
    <?php

echo "<h1>Register</h1>";

if (isset($_POST['submit']))
{
// form data
$fullname = strip_tags($_POST['fullname']);
$username = strtolower(strip_tags($_POST['username']));
$password = strip_tags($_POST['password']);
$repeatpassword = strip_tags($_POST['repeatpassword']);
//$date = .date("Y-m-d");

        // open database
        $connect = mysql_connect("localhost", "root", "**********");
        mysql_select_db("phplogin"); // select database

        $namecheck = mysql_query("Select username FROM users WHERE username='$username'");
        $count = mysql_num_rows($namecheck);

        if ($count!=0)

        {
           die("Username already taken <br><a href='register.php'>Return to registration page</a>");
        }


// check for existence
if ($fullname&&$username&&$password&&$repeatpassword)
{


  if ($password==$repeatpassword)
  {
     if (strlen($username)>25||strlen($fullname)>25)
     {
      echo "length of username or fullname is too long!";
     }

     else
     {

      if (strlen($password)>25||strlen($password)<6)
       {
        echo "password must be between 6 and 25 charachters";
       }

       else
       {
          // register the user!
          // encrypt password
         $password = md5($password);
         $repeatpassword = md5($repeatpassword);

        $queryreg = mysql_query("

        INSERT INTO users VALUES ('','$fullname','$username','$password')

        ");

        die("You have been registered! <a href='index.php'>Return to login page</a>");
       }


     }

  }


  • Advertisement
  • #42
    Dale Parish
    Registered Users, Registered Users 2 Posts: 894 ✭✭✭Dale Parish


    I suggest that you should escape the string as well, trim() and stripslashes (if magic quotes is off) since they can always drop your table


  • #43
    Ricky91t
    Closed Accounts Posts: 6,281 ✭✭✭Ricky91t


    RoyalMarine wrote: »
    Were starting it in college soon, so i wanted to get a headstart. I went to w3schools.com. best place to begin.

    then i went to phpacademy on youtube, and he's an excellent source. very clear instructions and easy to follow.

    http://www.youtube.com/user/phpacademy?blend=1&ob=4

    and then of course, trial and error. any error i came up to i was able to fix by either google or ask on here. cant beat boards.ie for the helpful people that get you out of a spot of bother!



    im using md5 in my registration script, not the same as yours above, but i think mine is secure.
    <?php

echo "<h1>Register</h1>";

if (isset($_POST['submit']))
{
// form data
$fullname = strip_tags($_POST['fullname']);
$username = strtolower(strip_tags($_POST['username']));
$password = strip_tags($_POST['password']);
$repeatpassword = strip_tags($_POST['repeatpassword']);
//$date = .date("Y-m-d");

        // open database
        $connect = mysql_connect("localhost", "root", "**********");
        mysql_select_db("phplogin"); // select database

        $namecheck = mysql_query("Select username FROM users WHERE username='$username'");
        $count = mysql_num_rows($namecheck);

        if ($count!=0)

        {
           die("Username already taken <br><a href='register.php'>Return to registration page</a>");
        }


// check for existence
if ($fullname&&$username&&$password&&$repeatpassword)
{


  if ($password==$repeatpassword)
  {
     if (strlen($username)>25||strlen($fullname)>25)
     {
      echo "length of username or fullname is too long!";
     }

     else
     {

      if (strlen($password)>25||strlen($password)<6)
       {
        echo "password must be between 6 and 25 charachters";
       }

       else
       {
          // register the user!
          // encrypt password
         $password = md5($password);
         $repeatpassword = md5($repeatpassword);

        $queryreg = mysql_query("

        INSERT INTO users VALUES ('','$fullname','$username','$password')

        ");

        die("You have been registered! <a href='index.php'>Return to login page</a>");
       }


     }

  }

    Ah right, that's good, I've noticed you're putting an empty string into the database.

    Instead of that you can do this:
    [PHP]<?php
    INSERT INTO users (name, username, password)VALUES ('$fullname','$username','$password');
    ?>
    [/PHP]
    Where name, username, password are the names of the columns in you table where you store the data.


  • #44
    RoyalMarine
    Closed Accounts Posts: 5,824 ✭✭✭RoyalMarine


    cheers guys,

    having a problem today....

    i cant access mysql from xampp?

    when i start the mysql and apache service from the xampp control panel, they both start fine. then i click admin.
    it loads the xampp splash screen, i then click phpmyadmin on the left pane, and i get

    error: cannot connect : invalid settings.
    access denied.
    phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in your configuration and make sure that they correspond to the information given by the administrator of the MySQL server.

    ive changed nothing since last night, and i cant log in today.

    any suggestions?


Advertisement