Home arrow PHP arrow Page 3 - User Authentication for a Project Management Application

The Script - PHP

In the last article, we discussed in detail the user creation script. We looked at what information the script gets from the form and how it "cleans" and verifies form values, and then looked at how the user is informed about his or her log-in credentials. In this article, the conclusion to our four-part series, we'll finish the discussion.

TABLE OF CONTENTS:
  1. User Authentication for a Project Management Application
  2. User Information
  3. The Script
  4. Checking the User and Email
By: David Web
Rating: starstarstarstarstar / 1
August 18, 2008

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement


Script: password.php

<?php

session_start();

include "dbcon.php";

include "functions.php";

//initialise variables

$err="";

$errmsg=false;


//is form submitted?

if(isset($_POST['submit'])){

//check that the form values are not empty, if so, set errormsg value

if(empty($_POST['uname'])){

$errmsg="The username field is empty, please enter a username";

$err=true;

}

if(empty($_POST['email'])){

$err=true;

$errmsg .="The email address field is empty, please enter a email address";

}


//check that the username is in correct format

if(!$err){

if(!checkformat($_POST['uname'])){

$err=true;

$errmsg .="The username that you entered has a incorrect format.";

}

}


//check that the email is in correct format

if(!$err){

if(!checkmailformat($_POST['email'])){

$err=true;

$errmsg .="The email address that you entered has a incorrect format.";

}

}



//check to see if the user exist

if(!$err){

$cleanuname = mysql_escape_string($_POST['uname']);

$cleanemail = mysql_escape_string($_POST['email']);

$unamecheck = "SELECT email,name,sname FROM users WHERE username='".$cleanuname."' and email = '".$cleanemail."'";

$result=mysql_query($unamecheck);

$num=mysql_num_rows($result);

if($num > 0){

$row = mysql_fetch_assoc($result);

$thepass = $row['upass'];

$theName = $row['name'];

//build email headers

//this text will appear in the subject line of the email

$subject = "Project Management - Password Recovery";

//this is the recipient of the email

$to = $cleanemail;

//sender name

$from_name = "Project Management Application";

//sender address

$from_email = "website@mywebsite.com";

$headers = "From: " . $from_name . " <" . $from_email . ">";

//build message

$msg = "<html>

<head>

<title>Project Management</title>

<link rel='stylesheet' type='text/css' href='http://www.yourwebsitelocationhere.com/loginstyle.css'>

</head>

<body>

<table width='100%' border='0' cellspacing='0' cellpadding='0'>

<tr>

<td><p>Dear <b>".$theName."</b></p>

Below is the password you requested:<br />

<br />

<b>Password:</b> ".$thepass.";


</td>

</tr>

</table>";

$msg .= "</body>

</html>";


mail($to, $subject, $msg, $headers);

}else{

$err=true;

$errmsg .="The information you entered is incorrect or does not exists. ";


}

}




}//end submit

?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/userauth.dwt.php" codeOutsideHTMLIsLocked="false" -->

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<!-- InstanceBeginEditable name="doctitle" -->

<title>Untitled Document</title>

<!-- InstanceEndEditable -->

<!-- InstanceBeginEditable name="head" -->

<!-- InstanceEndEditable -->

<link href="Templates/loginstyle.css" rel="stylesheet" type="text/css" />

</head>


<body>

<table width="100%" border="0">

<tr>

<td bgcolor="#6699CC" class="headertxt">Project Management:: User Authentication </td>

</tr>

<tr>

<td><!-- InstanceBeginEditable name="main" -->

<form id="form1" name="form1" method="post" action="">

<table width="100%" border="0" class="formborder">

<tr>

<td colspan="2" class="loginheader">Password Recovery </td>

</tr>

<?php if(isset($errmsg)){?>

<tr>

<td colspan="2" class="errmsg"><?php echo $errmsg; ?></td>

</tr>

<tr>

<td colspan="2">&nbsp;</td>

</tr>

<tr>

<?php

}

?>

<tr>

<td>Username:</td>

<td><label>

<input name="uname" type="text" id="uname" size="40" />

</label></td>

</tr>

<tr>

<td>Email Address: </td>

<td><label>

<input name="email" type="text" id="email" size="40" />

</label></td>

</tr>

<tr>

<td>&nbsp;</td>

<td><label>

<input name="submit" type="submit" id="submit" value="Get Password" />

</label></td>

</tr>

</table>

</form>

<!-- InstanceEndEditable --></td>

</tr>

<tr>

<td align="right" class="cright">copyright &copy; 2007 PM </td>

</tr>

</table>

</body>

<!-- InstanceEnd --></html>

Let's look at the PHP code in detail. After including the database connection files, and initializing some variables, the code runs the usual checks on the form values.

session_start();

include "dbcon.php";

include "functions.php";

//initialise variables

$err="";

$errmsg=false;


//is form submitted?

if(isset($_POST['submit'])){

//check that the form values are not empty, if so, set errormsg value

if(empty($_POST['uname'])){

$errmsg="The username field is empty, please enter a username";

$err=true;

}

if(empty($_POST['email'])){

$err=true;

$errmsg .="The email address field is empty, please enter a email address";

}


//check that the username is in correct format

if(!$err){

if(!checkformat($_POST['uname'])){

$err=true;

$errmsg .="The username that you entered has a incorrect format.";

}

}


//check that the email is in correct format

if(!$err){

if(!checkmailformat($_POST['email'])){

$err=true;

$errmsg .="The email address that you entered has a incorrect format.";

}

}

We continue our analysis of the code in the next section.



 
 
>>> More PHP Articles          >>> More By David Web
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: