ATTN: David Powers. Loging password encrypt

Report · Mar 12, 2007

David -

I am using your book PHP for dreamweaver 8 to help me in building my site. I am working on my userlog in page. I se on page 363 number 5 you talk about adding the code to for the password encrypt. I do not see in my code where I should add this. Below is my caode.

------------

<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "admin.php";
$MM_redirectLoginFailed = "bad_login.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_siteText, $siteText);

$LoginRS__query=sprintf("SELECT users_name, users_password FROM users WHERE users_name='%s' AND users_password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

$LoginRS = mysql_query($LoginRS__query, $siteText) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>

Report · Mar 13, 2007

newhorizonhosting.com wrote:
> I am using your book PHP for dreamweaver 8 to help me in building my site. I
> am working on my userlog in page. I se on page 363 number 5 you talk about
> adding the code to for the password encrypt. I do not see in my code where I
> should add this.

One page 363, it says: "place your cursor immediately to the right of
the opening PHP tag on line 2. Press Enter/Return to insert a new line
and type the following code:"

<?php <----------- This is the opening PHP tag on line 2
// The code goes here
// *** Validate request to login to this site.
if (!isset($_SESSION)) {

--
David Powers, Adobe Community Expert
Author, "Foundation PHP for Dreamweaver 8" (friends of ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/

Report · Mar 13, 2007

Thnak a million. I was not exatly sure being that I was using my own code and not the tutorial code.

I love the book it has been a great help. I also picked up PHP Solutions. your book are easy to read and understand.

Report · Mar 13, 2007

newhorizonhosting.com wrote:
> I love the book it has been a great help. I also picked up PHP Solutions. your
> book are easy to read and understand.

Thanks. Every copy sold helps make it worthwhile. ;-)

--
David Powers, Adobe Community Expert
Author, "Foundation PHP for Dreamweaver 8" (friends of ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/

Report · Mar 14, 2007

david

I do not have a "register New User" page. I set up my users in phpMyAdmin. There will only be 2-5 users using this, at my control.

In phpMyAdmin when I entered the password I selected "password from the typr box. Was that the right thing to do. Is there a way to unscramble that encryption with the method you refered to above

Thanks

Report · Mar 14, 2007

newhorizonhosting.com wrote:
> In phpMyAdmin when I entered the password I selected "password from the typr
> box. Was that the right thing to do. Is there a way to unscramble that
> encryption with the method you refered to above

Most encryption methods are one-way; you cannot decrypt them. There are
two-way encryption methods. Consult the online MySQL documentation for
ENCODE and AES_ENCODE.

--
David Powers, Adobe Community Expert
Author, "Foundation PHP for Dreamweaver 8" (friends of ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/