Skip to main content

User Validation/Authentication in PHP

If a user visits a website, where he is asked for validating his username and password and will be validated with the MySQL Database. the following scripts demonstrate this.
Step 1: create a database called dummy by executing “create database dummy” in mysql command window or shell window
Step 2: Create a table called usertable with two fields ‘user’ and ‘pass’ and populate with some values.
create table usertable (user varchar(20), pass varchar(30));
insert into usertable values (’pradeep’,'pradeep’);

Step 3: write the following html script and name it as user.html
<form method=post action=user.php>
Enter the Username: <input type=text name=username> <BR>
Enter the password: <input type=password name=password> <BR>
<input type=submit>
</form>
Step 4: Write the following PHP script and name it as user.php
<?php
$user=$_POST['username']; //get the username from the previous page (html page)
$pass=$_POST['password']; //get the password from the previous page
$conn=mysql_connect(”localhost”,”root”,”abc123”) or die(”Connection Failed”. mysql_error());
mysql_select_db(”dummy”,$conn) or die(mysql_error());
$query=”Select * from usertable where user=’$user’ and pass=md5(’$pass’)”;
$result=mysql_query($query) or die(mysql_error());
$num = mysql_num_rows($result);//returns atleast 1 row if the username password combination is valid
echo $num;//display the number of rows returned
if($num != 0)
{
echo “Welcome Mr.$user, you are authenticated”;
}
else
{
echo “Username/password combination Failed”;
}
mysql_close($conn);
?>
The above script checks for the username and password combination, if the combination is success, then atleast one row will be returned, else the returned rows will be 0.

Comments

  1. PHP Authentication7 September 2009 at 16:27

    There are few security breaches in your example.

    First, you store plaintext passwords in database. This way they are visible to everyone who has database access. It is strongly advised that you store password hashes instead.

    Second, you should escape all user input strings before you include them in SQL queries. Without this, you are open to SQL injection attacks.

    Combine these two and you have really poor security on your web site.

    You can read more about these problems in the following article:
    http://bit.ly/BS2fO

    BTW, change the password in your mysql_connect function, this one is not politically correct. :-)

    ReplyDelete

Post a comment

Popular posts from this blog

Implementing a new system call in Kernel version 2.6.32

A system call is used by application or user programs to request service from the operating systems. Since the user programs does not have direct access to the kernel whereas the OS has the direct access. OS can access the hardware through system calls only.The following files has to be modified for implementing a system call/usr/src/linux-2.6.32.5/arch/x86/kernel/syscall_table_32.S/usr/src/linux-2.6.32.5/arch/x86/include/asm/unistd_32.h/usr/src/linux-2.6.32.5/include/linux/syscalls.h/usr/src/linux-2.6.32.5/MakefileNew set of files to be createdCreate a new directory newcall/ inside the path “/usr/src/linux-2.6.32.5/” Create new files Makefile, newcall.c and put them in the /usr/src/linux-2.6.32.5/newcall/ folder Create new user files (in any folder of Linux) to test the system call
testnewcall.c, testnewcall.h (created in /home/pradeepkumar) syscall_table_32.S Find the file /usr/src/linux-2.6.32.5/arch/x86/kernel/syscall_table_32.S and add the following line at the end
"…

Installing TexLive 2019 in Ubuntu 18.04

Installation of TexLive 2019 in Linux (Ubuntu 18.04 LTS)
TeX (Tech)

Installation of TexLive 2019

Please watch the video for full installation



I used .iso file to download, the Total size is 3.3GB for Linux,

and i used the torrent file to download, it took me just 20 min to download the entire .iso file

Extract the .iso file to a folder and open a terminal

$] sudo ./install-tl
(it goes into a terminal mode, which is faster compared to the GUI Mode)

$] sudo ./install-tl -gui
after the installation, set the PATH, MANPATH and INFOPATH as suggested by LATEX

export PATH=$PATH:/usr/local/texlive/2019/bin/x86_64-linux
export MANPATH=/usr/local/texlive/2019/texmf-dist/doc/man
export INFOPATH=/usr/local/texlive/2019/texmf-dist/doc/info

put these lines in to the /home/pradeepkumar/.bashrc

$] gedit /home/pradeepkumar/.bashrc
We have installed TexLive 2019 and texstudio.

To install texstudio

$] sudo apt install texstudio
The look and feel of TexStudio looks like this image.


texlive, it install everyt…

Electrical Machine Design (equations)

FactorsDC Machine Transformers Induction Machines Synchronous MachinesOutput EquationPa=CoD2Ln, where Pa=P/h for generators, Pa=P for motorsFor Single Phase
Q=2.22 f Bm Ai Kw Aw d10-3
For Three Phase
Q=3.33 f Bm Ai Kw Aw d 10-3Q=CoD2 L ns
KVA Input Q=
HP * 0.746 / Cos f * hQ=CoD2 L ns
KVA Input Q=
HP * 0.746 / Cos f * h
For Turbo alternators
Q=1.11Bavac KwsVa2 L 10-3/nsOutput CoefficientCo=Bav ac* 10-3where Bav-magnetic loading and ac - electric loadingDNACo=11 Kws Bav ac 10-3Co=11 Kws Bav ac 10-3 Choice of Magnetic LoadingFlux Density in Teeth Frequency of Flux Reversals Size of machineDNAMagnetizing current, Flux Density, Iron lossIron loss, Stability, Voltage Rating, Parallel Operation, Transient ShortCircuit current Choice of Electric LoadingTemperature rise,
speed of machine, Voltage, Armature reaction, CommutationDNAOverload Capacity, Copper losses, Temperature rise, Leakage ReactanceCopper loss, Synchronous reactance, Temperature rise, Stray Load losses,
Voltage rating Flux …