User Authentication for a Project Management Application - User Information (
Page 2 of 4 )
The error message is only displayed if it is not empty; otherwise, the entire row of the table is hidden from the user. The remainder of the code collects further information about the user, such as the email address, username, password and other required information.
<tr>
<td width="122"><div align="left">Name:</div></td>
<td width="525"><input name="fname" type="text" class="input40" size="40"></td>
</tr>
<tr>
<td width="122"><div align="left">Surname:</div></td>
<td width="525" class="login"><input name="sname" type="text" size="40"></td>
</tr>
<tr>
<td width="122"><div align="left">Username:</div></td>
<td width="525" class="login"><input name="uname" type="text" size="40">
<span class="tooltip">username must be in format: <strong>name.surname</strong></span></td>
</tr>
<tr>
<td width="122"><div align="left">Password:</div></td>
<td width="525" class="login"><input name="upass" type="text" size="40" value="<?php echo $rndpass; ?>"></td>
</tr>
<tr>
<td><div align="left">Email:</div></td>
<td class="login"><input name="email" type="text" size="40"></td>
</tr>
<tr>
<td><div align="left">Access Level</div></td>
<td class="login"><label>
<select name="select">
<option>admin</option>
<option>normal</option>
</select>
</label></td>
</tr>
Here is the code for the row that collects the password information:
<tr>
<td width="122"><div align="left">Password:</div></td>
<td width="525" class="login"><input name="upass" type="text" size="40" value="<?php echo $rndpass; ?>"></td>
It can be hidden from the administrator and sent directly to the newly created user. This way, only the user will know what his or her password is. I’ve left this option open for you to decide what to do based on your situation.
The user can access the password recovery script by clicking on the “forgot your password?” link on the login page. See the screen below:
Fig. 1 login page with the “forgotten password?” link.
Fig. 2 password recovery page
The password script handles the password recovery process, in case the user forgets his or her password. It will ask the user for the username and an email address. To prevent fraud, the script will check to see if the username and email address exists in the database and that they both belong to the same person. Only after it is satisfied that it belongs to the same person will it then email the password to the given email address.
So let's look at the code that does the work. Click on the link below to see it.
