 PHP Page 2 - User Authentication for a Project Management Application |
User Information - PHPIn the last article, we discussed in detail the user creation script. We looked at what information the script gets from the form and how it "cleans" and verifies form values, and then looked at how the user is informed about his or her log-in credentials. In this article, the conclusion to our four-part series, we'll finish the discussion.
print this article SEARCH DEV SHED |
The error message is only displayed if it is not empty; otherwise, the entire row of the table is hidden from the user. The remainder of the code collects further information about the user, such as the email address, username, password and other required information. <tr> <td width="122"><div align="left">Name:</div></td> <td width="525"><input name="fname" type="text" class="input40" size="40"></td> </tr> <tr> <td width="122"><div align="left">Surname:</div></td> <td width="525" class="login"><input name="sname" type="text" size="40"></td> </tr> <tr> <td width="122"><div align="left">Username:</div></td> <td width="525" class="login"><input name="uname" type="text" size="40"> <span class="tooltip">username must be in format: <strong>name.surname</strong></span></td> </tr> <tr> <td width="122"><div align="left">Password:</div></td> <td width="525" class="login"><input name="upass" type="text" size="40" value="<?php echo $rndpass; ?>"></td> </tr> <tr> <td><div align="left">Email:</div></td> <td class="login"><input name="email" type="text" size="40"></td> </tr> <tr> <td><div align="left">Access Level</div></td> <td class="login"><label> <select name="select"> <option>admin</option> <option>normal</option> </select> </label></td> </tr> Here is the code for the row that collects the password information: <tr> <td width="122"><div align="left">Password:</div></td> <td width="525" class="login"><input name="upass" type="text" size="40" value="<?php echo $rndpass; ?>"></td> It can be hidden from the administrator and sent directly to the newly created user. This way, only the user will know what his or her password is. I’ve left this option open for you to decide what to do based on your situation. The user can access the password recovery script by clicking on the “forgot your password?” link on the login page. See the screen below:
Fig. 1 login page with the “forgotten password?” link.
Fig. 2 password recovery page The password script handles the password recovery process, in case the user forgets his or her password. It will ask the user for the username and an email address. To prevent fraud, the script will check to see if the username and email address exists in the database and that they both belong to the same person. Only after it is satisfied that it belongs to the same person will it then email the password to the given email address. So let's look at the code that does the work. Click on the link below to see it.
blog comments powered by Disqus |
Database Authentication for Oracle Database XE
