Creating login panel

software development

#1

A mysql newbie seeking assistance.

All I want is to create a login panel with two fields for users to download files. That is a login name and password. Then when the user submits info he goes to the file page index just like an FTP index. For example: https://www.htclient.com/ClientAccess/ClientAccess.html

Am able to generate user/password via Dreamhost so don’t need users to register.

I built a database table with one column for username and password in Dreamhost’s Manage MYSQL SERVER access but unsure if it works.

Does anyone have a simple php script that does this? How do you link it? Just add the code in a file or to the server itself?

Any info much appreciated.

Thank you.


#2

throws together a PHP script from his current project

A Simple Authorization Script

Just put this in your files, and link to it. What you’ll need to do is change some parameters to fit with what you want–mysql domain, name, password, database(where your logins are,) and the page you want to link out of. They’re in the top and bottom of the script–the middle is simple XHTML that I cleaned up for you.


#3

Thank you for the script. I’ll give it a go and see what happens.


#4

I learned how to create a login system from this page. You can download a zip of the required files at the bottom of the articles. I read this only days after starting to learn php and I understood everything that was going on. I would check it out if I were you.


#5

I’ll have a look @ the login tutorial provided.

Learning about mysql. Any comments are welcome.

One creates users and passwords in Dreamhost’s manage MYSQL. Correct?
Then the users and pw need to be added to the values field in a table with columns in php my admin. Yes? The data is authorized and grants the user created in manage MySQL access to the desired target link. Unsure where in the xml code provided in your script of what url to add.

In manage MYSQL, I am having difficulty creating tables, columns, etc. Expecially catagories such as INDEX, UNIQUE, TEXT, KEYNAME, COLLATION, etc. What are the best attributes and procedure in manage MySQL for creating simple login / pw page?

Confusion on data base and tables. Dreamweaver does not recognize tables and columns from the database as well.

Thanks again.


#6

Well, you don’t need to touch too much on mySQL to use it properly–you can ignore most of those categories.

INDEX, however, you should understand that it helps in organizing the table–if you designate a specific field as the table’s index, it will organize itself according to that field. This allows mySQL to better retrieve data according to the index–let’s say you have a table with 500 entries, and you need to pull one entry from it. The index will get it out faster than without.

If you have a special need to have an ID field that holds an identifier for exactly one person/thing/data, UNIQUE is the best way to ensure that there’s no data duplication.

I’d flag your name field as the table’s INDEX, in this case–you might never know. Other than that, don’t worry about the rest. I don’t forsee you having a huge listing, anyways.

And why are you using Dreamweaver? REAL men script XHTML/CSS in hard ASCII. >)

I also took the liberty of re-reviewing my login script, and I discovered some goofs I made in my rush to build it–I was in a bit of a hurry earlier. It’s corrected now, so re-download it from the link up there. Anyways, in my script just the top here:

$conn = mysql_connect("mysql.yoursite.com", "admin", "password") or die(mysql_error()); mysql_select_db("database",$conn) or die(mysql_error());and at the bottom here:

[code]$query = “SELECT * FROM system WHERE name = $_POST[name]”;
$result = mysql_query($query);
while ($row = mysql_fetch_assoc($result)) {
$name_block = $row[‘name’];
$pass_block = $row[‘password’];
};

if ($_POST[name] == $name_block && $_POST[pass] == $pass_block) {
header(“Location: second.php”);
exit;
}[/code]are the spots that needs to be changed. At the top, the mySQL domain needs your admin name and password to access the databases, and is seperate from the listing–which is also part of the database mentioned directly below. At the bottom, you need to supply the field names for the two fields there–name is the names field in your table (“system”), and pass is, of course, the passwords from the listing. Second.php is just where you need to change to whatever page you’re linking to. (The index.php not shown here is another one, but I don’t think you need to be told where that links back to. :slight_smile: )


#7

Bravo.

Thank you for the infos and revised script. I’ll have another look this weekend.

Does the second.php (the target linking page) the page containing the files to be downloaded such as movies and jpegs? So, after the username / pw entry, the db verifies un/pw at mysql and then allows user access to the second.php page to view/download the files. Yes?


#8

$query = "SELECT * FROM system WHERE name = $_POST[name]";The above code is vulnerable to mysql injection.

:cool: openvein.org -//- One-time [color=#6600CC]$50.00 discount[/color] on [color=#0000CC]DreamHost[/color] plans: Use ATROPOS7