|
0 registered members (),
1,429
guests, and 8
spiders. |
|
Key:
Admin,
Global Mod,
Mod
|
|
|
PHP help
#202048
04/13/08 00:49
04/13/08 00:49
|
Joined: Jan 2008
Posts: 1,580
Blade280891
OP
Serious User
|
OP
Serious User
Joined: Jan 2008
Posts: 1,580
|
I am in the process of writing a PHP website template, but i have hit a snag .
I need the user to enter there details for there, mysql database, and then use them details to connect to it.
I have that part, but now , how can i get save these details so it will always connect to the database?
My Avatar Randomness V2"Someone get me to the doctor, and someone call the nurse And someone buy me roses, and someone burned the church"
|
|
|
Re: PHP help
[Re: Joozey]
#202062
04/13/08 01:48
04/13/08 01:48
|
Joined: Jan 2008
Posts: 1,580
Blade280891
OP
Serious User
|
OP
Serious User
Joined: Jan 2008
Posts: 1,580
|
Yer, but how can i save the data they enter.
Before anyone says in there database, the data they enter is there database infomation.
I need to save what they enter and be able to recall it.
My Avatar Randomness V2"Someone get me to the doctor, and someone call the nurse And someone buy me roses, and someone burned the church"
|
|
|
Re: PHP help
[Re: Joozey]
#202064
04/13/08 01:57
04/13/08 01:57
|
Joined: Jan 2008
Posts: 1,580
Blade280891
OP
Serious User
|
OP
Serious User
Joined: Jan 2008
Posts: 1,580
|
but this will only work one, time after the form is entered, i need to save the data they enter and call it at a later time. This is my code:
$dbhost = ($dbhost);
$dbuser = ($dbuser);
$dbpass = ($dbpass);
$dbname = ($dbname);
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die
('Error connecting to mysql. Please go back and check your details. ');
if($conn) echo("Connected to '$dbname' database<br> With these details:<br> Database Host: '$dbhost' <br> Database Username: '$dbuser' <br> Database Password: '$dbpass' <br>");
mysql_select_db($dbname)or die(mysql_error());
$dbhost= $_POST['dbhost'];
$dbuser= $_POST['dbuser'];
$dbpass= $_POST['dbpass'];
$dbname= $_POST['dbname'];
$sql_db = "CREATE TABLE rgb_dbinfo(
user_id int(10) AUTO_INCREMENT NOT NULL PRIMARY KEY,
dbhost varchar(100) NOT NULL,
dbuser varchar(100) NOT NULL,
dbpass varchar(100) NOT NULL,
dbname varchar(100) NOT NULL
)";
mysql_query($sql_db);
?>
<html>
<body>
<form action="adminsetup.php" method="post">
<input type="submit" value="Continue" name="continue">
</form>
</body>
</html>
<?php
$query = "INSERT INTO rgb_dbinfo (dbhost,dbuser,dbpass,dbname)
VALUES('$dbhost','$dbuser','$dbpass','$dbname')";
mysql_query($query) or die(mysql_error());
mysql_close();
and this is the database connecter
<?php
include 'databaseinfo.php';
/*This is the information to use to connect to the MYSql database */
$dbhost = '$dbhost';
$dbuser = '$dbuser';
$dbpass = '$dbpass';
$dbname = '$dbname';
/*If the connection could not be made show this message*/
?>
the connecter needs to call data from somewhere to connect, i want the data that is called, to be what the user has entered. But this data that they entered must be saved somewhere.
Last edited by Blade28081991; 04/13/08 02:01.
My Avatar Randomness V2"Someone get me to the doctor, and someone call the nurse And someone buy me roses, and someone burned the church"
|
|
|
Re: PHP help
[Re: Blade280891]
#202065
04/13/08 02:11
04/13/08 02:11
|
Joined: Oct 2004
Posts: 4,134
Netherlands
Joozey
Expert
|
Expert
Joined: Oct 2004
Posts: 4,134
Netherlands
|
After you compared the login details the clients filled into the form with the account details in your database, and they match, write a session that stores the user id. Every new page they enter you can see if $_SESSION['user_id'] is empty or not. If it is empty, then let them redirect back to your homepage. If not, then the user is apparantly logged in and he may proceed.
Make sure you put everyones password as md5, sha or whatever hash algorithm in the database, and never as the original password. Just compare the encrypted password in the database with the password you get from the form after you encrypted it as well, and you know if there is a match.
I can't guarantee that this is the most safe method in the big meany world of the internut, but it should work fine. For more secure methods, there is plenty of information to find with googly.
Click and join the 3dgs irc community!
Room: #3dgs
|
|
|
Re: PHP help
[Re: Joozey]
#202066
04/13/08 02:15
04/13/08 02:15
|
Joined: Jan 2008
Posts: 1,580
Blade280891
OP
Serious User
|
OP
Serious User
Joined: Jan 2008
Posts: 1,580
|
Soz, but this isn't about user login to a website, this is about storing mysql database information and then using that information to connect to the database.
Basically is there any way to store inputed data and then get the data?
My Avatar Randomness V2"Someone get me to the doctor, and someone call the nurse And someone buy me roses, and someone burned the church"
|
|
|
Re: PHP help
[Re: Blade280891]
#202067
04/13/08 02:29
04/13/08 02:29
|
Joined: Oct 2004
Posts: 4,134
Netherlands
Joozey
Expert
|
Expert
Joined: Oct 2004
Posts: 4,134
Netherlands
|
Using a $_SESSION or making a cookie. But you shouldn't just store your database connection details into a session (and certainly not into a cookie), that is kinda insecure. Rather design something like this (Okay, some pseudo code!): For registration of new users: <!--Registration page!-->
<form>
<input id=name>
<input id=password>
</form> <!--After submit, link to input-user-page!-->
//input-user-page
$name = $_POST['name']
$pass = $_POST['password']
query_insertuser($name, $pass) //make some mysql code from this
For login existing users:
<form>
<input id=name>
<input id=password>
</form> <!--After submit, link to user-validation-page!-->
//User-validation-page
$name = $_POST['name']
$pass = $_POST['pass']
$result = query_validation($name, md5( $pass )) //compare name and password with those in the database (this is all psuedo code!!)
if (result == true) { //user validated! (of course, this is pseudo code too)
$_SESSION['userId'] = $name //We'll keep track of this user now
}
else {
header("Location: index.php") //no validation, be gone!
}
Every new page should call this code: //function to be called in every page that requires login
if (!empty($_SESSION['userId')) { //user exists
echo("Let's drink a beer mate!");
}
else {
header("Location: index.php") //not validated, be gone!
}
Last edited by Joozey; 04/13/08 02:33. Reason: few little errors
Click and join the 3dgs irc community!
Room: #3dgs
|
|
|
Re: PHP help
[Re: Joozey]
#202069
04/13/08 02:32
04/13/08 02:32
|
Joined: Jan 2008
Posts: 1,580
Blade280891
OP
Serious User
|
OP
Serious User
Joined: Jan 2008
Posts: 1,580
|
What about, do u no how to store data in a text file and call the data,
using PHP?
My Avatar Randomness V2"Someone get me to the doctor, and someone call the nurse And someone buy me roses, and someone burned the church"
|
|
|
|
