Home arrow MySQL arrow Page 4 - Creating a Login Script for a PHP/MySQL Blogging System

Password.php - MySQL

In this three-part tutorial we are going to be creating an open blogging system. We are also going to provide scripts that will make it possible to switch to a closed blogging system. This article, which is the first part, will cover the creation of the login scripts for a closed system.

TABLE OF CONTENTS:
  1. Creating a Login Script for a PHP/MySQL Blogging System
  2. Login.php
  3. Logout.php
  4. Password.php
By: Jacques Noah
Rating: starstarstarstarstar / 90
October 03, 2006

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

This script sends the password that the user has forgotten to his/her email address.

Example output of the password script.

Here's the password code:

<?
include("fns.php");
include "config.php";
if(isset($_POST['Submit'])){
//1. Check if form fields are filled in
if(!filledin($_POST)){
header( "Location:Messages.php?msg=7" );
exit();
}
$name=$_POST['name'];
$em=$_POST['mail'];
//2. Check if entered name exist
$query="Select pw from user where uname='$name'" or die(mysql_error());
$result= mysql_query($query);
if(mysql_num_rows($result)>0){
for ($i=0; $i<mysql_num_rows($result); $i++) {
$row = mysql_fetch_assoc($result);
$pass=$row['pw'];
$to="$emrn";
$from="From: Admin@jacquesnoah.co.ukrn";
$msg="Password:$passrn";
$msg .="Username:$namern";
$msg .="Please change your password as soon as you logonrn";
$subject="From Admin re:Your Login Passwordrn";
}
}else{
header( "Location:Messages.php?msg=8" );
exit();
}
//3. Send password to user
if(mail($to,$subject,$msg,$from)){
header( "Location:Messages.php?msg=9&email=<?php echo $em; ?>" );
exit();
//echo "Please click here to log";
}else{
header( "Location:Messages.php?msg=10");
exit();
}
}
?>

This code does three things:

  • Checks to see if all fields are filled in. Notice the use of the function called 'filledin()' in the line "if(!filledin($_POST)){}">. That function is declared in the functions script called "fns.php" which is included in at the top of the code. It just checks whether all posted variables contain something.
  • Checks to see if entered name exists. This provides us with extra security, by checking whether the username and email address exist.
  • Once all security checks have been passed, it sends the password.

Conclusion

These are all the pages that we need to run a effective login script. It can of course always be improved, but for now it is adequate, security wise, for a low security application such as a web log. Don't forget to change the contents of the config.php script. Next week we will create the actual blog.



 
 
>>> More MySQL Articles          >>> More By Jacques Noah
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

MYSQL ARTICLES

- Oracle Unveils MySQL 5.6
- MySQL Vulnerabilities Threaten Databases
- MySQL Cloud Options Expand with Google Cloud...
- MySQL 5.6 Prepped to Handle Demanding Web Use
- ScaleBase Service Virtualizes MySQL Databases
- Oracle Unveils MySQL Conversion Tools
- Akiban Opens Database Software for MySQL Use...
- Oracle Fixes MySQL Bug
- MySQL Databases Vulnerable to Password Hack
- MySQL: Overview of the ALTER TABLE Statement
- MySQL: How to Use the GRANT Statement
- MySQL: Creating, Listing, and Removing Datab...
- MySQL: Create, Show, and Describe Database T...
- MySQL Data and Table Types
- McAfee Releases Audit Plugin for MySQL Users

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: