Home arrow PHP arrow Page 3 - Authentication Scripts for a User Management Application

Function Continued - PHP

In this article we will continue to discuss the application-wide scripts that we started to talk about in the last article. These special scripts are used by all the scripts and pages of the application. We will continue to look at the func.inc script that has several useful functions defined in it. This article is the third part of a nine-part series.

TABLE OF CONTENTS:
  1. Authentication Scripts for a User Management Application
  2. Script Explained
  3. Function Continued
  4. The logout script
By: David Web
Rating: starstarstarstarstar / 7
December 01, 2008

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

Now, the function starts by defining the chars that are going to be used to generate the new password:

$chars = "1234567890abcdefGHIJKLMNOPQRSTUVWxyz
ABCDEFghijklmnopqrstuvwXYZ1234567890";

Then it sets the $thepass to empty. This variable is going to be used to store the newly generated password, as you will see in a short while:


$thepass = '';


Then we come to the heart of the function. A for loop is run and random characters stored in the $chars variable are added to the $thepass variable with each iteration until the count reaches seven:


for($i=0;$i<7;$i++)

{

$thepass .= $chars{rand() % 39};

}

Once the loop reaches seven, the function returns the newly generated password:


return $thepass;

}


The final function in the include file is responsible for checking to see if a given email address is correctly formatted. It takes one parameter, which is the email address, and then tests it using regular expressions. This function will be used by any script that requires the user to enter an email address. It has the following code:


function checkEmail($email){

if(eregi('^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+.[a-z]{2,8}$',$email)){

return TRUE;

}else{

return FALSE;

}

}


It is used in the following way:


$Aemail = “jamespayne@webmail.com”;

if(checkEmail($Aemail)){

//Email address is correctly formatted do what ever

}else{

//set an error message

}


The function uses the eregi() function to find out if a given email address is correctly formatted:


if(eregi('^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+.[a-z]{2,8}$',$email)){


Let's break this line down. We know that an email address contains an [at] @ sign and that it contains a period [.] and three characters after the period. So in the regular expression above, the first half of the code before the at [@] sign checks to see if the email address contains letters, numbers and any other allowed characters:


^[[:alnum:]][a-z0-9_.-]*@

 The next part of the line then checks to see if the email address contains the allowed three characters plus a period [.], which normally appears after the at [@] sign:

[a-z0-9.-]+.[a-z]

The final part of the check simply indicates that the final part of the email address before the period, but after the [@] sign can be anything between two and eight characters long; the {2,8} indicates this, and then the value that is to be checked is given (which in this case is $email):

{2,8}$',$email))


If the email address evaluates to true, then the function returns true.


return TRUE;


Otherwise, it returns false:


return FALSE;


The last of the application-wide scripts is the global.php script. This script contains the database connection details and is made available to any script that needs to access the database. It has the following code:


<?php

session_start();

$host ="localhost";

$pw ="mypass";

$user = "myuser";

$dbname = "user";

$dbc=mysql_connect($host,$user,$pw) or die(mysql_error());

mysql_select_db($dbname) or die(mysql_error());

?>


The script is fairly easy to understand. It basically just fills some variables with the connection details that the database server requires to make a successful connection. At all stages of the connection attempt, an appropriate error message will be displayed if it occurs:


$dbc=mysql_connect($host,$user,$pw) or die(mysql_error());

mysql_select_db($dbname) or die(mysql_error());




 
 
>>> More PHP Articles          >>> More By David Web
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: