MySQL
  Home arrow MySQL arrow Page 4 - Creating a Login Script for a PHP/MySQL Blogging System
Dev Shed Forums  
Administration  
AJAX  
Apache  
BrainDump  
DHTML  
Flash  
Java  
JavaScript  
Multimedia  
MySQL  
Oracle  
Perl  
PHP  
Practices  
Python  
Reviews  
Security  
Smartphone Development  
Style-Sheets  
Web Services  
XML  
Zend  
Zope  
Mobile Linux  
App Generation ROI  
IBM® developerWorks  
Forums Sitemap  
E-Commerce Hosting  
Linux Web Hosting  
Managed Hosting  
Small Business Hosting  
VPS Hosting  
Weekly Newsletter

 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid  
Request Media Kit
Contact Us  
Site Map  
Privacy Policy  
Support  
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
Google.com  
MYSQL

Creating a Login Script for a PHP/MySQL Blogging System
By: Jacques Noah
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: starstarstarstarstar / 68
    2006-10-03


    Table of Contents:
  • Creating a Login Script for a PHP/MySQL Blogging System
  • Login.php
  • Logout.php
  • Password.php

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      error-file:tidyout.log Del.ici.ous error-file:tidyout.log Digg
      error-file:tidyout.log Blink error-file:tidyout.log Simpy
      error-file:tidyout.log Google error-file:tidyout.log Spurl
      error-file:tidyout.log Y! MyWeb error-file:tidyout.log Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article

     
     
    ADVERTISEMENT


    Creating a Login Script for a PHP/MySQL Blogging System - Password.php
    ( Page 4 of 4 )

    This script sends the password that the user has forgotten to his/her email address.

    Example output of the password script.

    Here's the password code:

    <?
    include("fns.php");
    include "config.php";
    if(isset($_POST['Submit'])){
    //1. Check if form fields are filled in
    if(!filledin($_POST)){
    header( "Location:Messages.php?msg=7" );
    exit();
    }
    $name=$_POST['name'];
    $em=$_POST['mail'];
    //2. Check if entered name exist
    $query="Select pw from user where uname='$name'" or die(mysql_error());
    $result= mysql_query($query);
    if(mysql_num_rows($result)>0){
    for ($i=0; $i<mysql_num_rows($result); $i++) {
    $row = mysql_fetch_assoc($result);
    $pass=$row['pw'];
    $to="$emrn";
    $from="From: Admin@jacquesnoah.co.ukrn";
    $msg="Password:$passrn";
    $msg .="Username:$namern";
    $msg .="Please change your password as soon as you logonrn";
    $subject="From Admin re:Your Login Passwordrn";
    }
    }else{
    header( "Location:Messages.php?msg=8" );
    exit();
    }
    //3. Send password to user
    if(mail($to,$subject,$msg,$from)){
    header( "Location:Messages.php?msg=9&email=<?php echo $em; ?>" );
    exit();
    //echo "Please click here to log";
    }else{
    header( "Location:Messages.php?msg=10");
    exit();
    }
    }
    ?>

    This code does three things:

    • Checks to see if all fields are filled in. Notice the use of the function called 'filledin()' in the line "if(!filledin($_POST)){}">. That function is declared in the functions script called "fns.php" which is included in at the top of the code. It just checks whether all posted variables contain something.
    • Checks to see if entered name exists. This provides us with extra security, by checking whether the username and email address exist.
    • Once all security checks have been passed, it sends the password.

    Conclusion

    These are all the pages that we need to run a effective login script. It can of course always be improved, but for now it is adequate, security wise, for a low security application such as a web log. Don't forget to change the contents of the config.php script. Next week we will create the actual blog.



     
     
    >>> More MySQL Articles          >>> More By Jacques Noah
     

       

    MYSQL ARTICLES

    - MySQL Security Tips
    - Designing a MySQL Database: Tips and Techniq...
    - The Three Most Important MySQL Queries
    - Null and Empty Strings
    - MySQL Server Tuning Tips and Tricks
    - MySQL Query Optimizations and Schema Design
    - MySQL Benchmarking Tools and Utilities
    - MySQL Benchmarking Concepts and Strategies
    - Take Some Load off MySQL with MemCached
    - MySQL Table Prefix Changer Tool in PHP
    - Using the SIGNAL Statement for Error Handling
    - Error Handling Examples
    - Error Handling
    - Completing a Search Engine with MySQL and PH...
    - Paginating Result Sets for a Search Engine B...





    © 2003-2009 by Developer Shed. All rights reserved. DS Cluster 2 Hosted by Hostway
    For more Enterprise Application Development news, visit eWeek