Posted: Thu Oct 26, 2006 6:55 pm Post subject: Saving PHP Data
Okay, obviously I need help. I need to know how to save a Username and Password and I need to be able to read it and see it it is correct. I'm probably going to get flamed for this topic. I've just recently started to learn PHP so I'm new to it. I have learned how to get a name and password but not how to save it.
So far this is how I get the Username and Password:
I have a feeling I'm going to get flamed a lot and probably not even by moderators. But I need a lot of help with this, I'm pathetic I know. Could someone please help me? If you send links to tutorials I'll probably mess it up more than my array. There is a chance they might help... Well could someone just respond?
Sponsor Sponsor
Craige
Posted: Thu Oct 26, 2006 7:13 pm Post subject: (No subject)
You wont get flamed. It's just a question, and a legitimate one at that. I remember when I was new to PHP. It was all questions, all the time.
Now, you have a couple options when it comes to saving user data. The most common, expecually in this type of purpose, is a database. Databases allow your to store data in an organized way, and retrieve it at lightning fast speeds. Take a look around php.net's documentation on the MySQLi extension. Ignore any reference to things called objects, classes, and in general the term OOP. You won't really be able to use it yet.
Specifically within this extension, you will want to look at mysqli_connect(), mysqli_query(), mysqli_fetch_array(), and mysqli_close(). You need to set up a MySQL database before you can use any of these though. If you are paying for a host, I can almost guarantee that they have MySQL databases. Contact them for details on how to set them up.
[i]Remember, with that documentation, only pay attention to the procedural style, not the object oriented style.
Your second option, is to use flat files, and the filesystem library. It isn't that common of a method for things like this, but it is available. Just take a look around that page and see what you can find. If you choose to use this method (not recommended by myself), and can't figure out how to do things, post back here and I can show you some examples.
r.3volved
Posted: Thu Oct 26, 2006 7:23 pm Post subject: (No subject)
^^ great post man
...and from St. Thomas, never would have thought...
octopi
Posted: Fri Oct 27, 2006 4:50 pm Post subject: (No subject)
THe below method just loads the usernames and passwords into an array, then it goes threw the array and sees if the username passed via the browser is in the array. If it finds it, then it displays the message "Hello Jeb" where Jeb is the username entered. If not, it gives you an error message saying the combination is invalid.
If you need and help with this, or clarification let me know.
range(0,count($cred) - 1) returns an array containing 0,1,2,3,4...all the way to original array length -1
$cred[] just adds a new element to the existing array. you could write this as $cred[count($cred)]
TheLastFall
Posted: Fri Oct 27, 2006 5:31 pm Post subject: (No subject)
Okay, Octopi I've tried your code and I have a slight problem with it. Okay, say I want to have one page that you enter your username and password and if its right you want it to go to another page and if it's wrong you want it to say "Invalid username/password" above the check box.
How could I mod this so it would be like that.
tells the users browser to redirect to the overview.php page.
this wont work if youve already printed out some content.
TheLastFall
Posted: Fri Oct 27, 2006 7:51 pm Post subject: (No subject)
I understand it now, all except for one part. I do not understand the Header part. Can you please clarify it for me?
TheLastFall
Posted: Fri Oct 27, 2006 8:10 pm Post subject: (No subject)
When it does it, it seems like it sends the data but it sends it more then once so it reaches an error saying header already sent. Is that what you meant at the end of your post? I don't really understand what that means.
Sponsor Sponsor
octopi
Posted: Fri Oct 27, 2006 8:37 pm Post subject: (No subject)
The header is a special peice of data sent to a browser that tells it what the content is about, how it should be displayed, and other things.
If you output something BEFORE you send the header it will be too late.
Make sure you don't have any print statements before the header. Or, that nothing is being outputted at all before it. Let me see your code if you need more help.
TheLastFall
Posted: Fri Oct 27, 2006 8:43 pm Post subject: (No subject)
I do think I understand but just so I don't mess anything up.
This is the login page:
I probably have a lot of programming errors in that, I don't know I have really read it over. Well thats the code I have.
octopi
Posted: Sat Oct 28, 2006 1:42 pm Post subject: (No subject)
No, your not really understanding....
All the html code up to <?php will be outputted right away.
So that means there is already some output.
In this situtation it is best to just change the header line to a link like you had, and make the user click threw.
code:
print "<a href='overview.php'>Continue</a>";
Craige
Posted: Sun Oct 29, 2006 9:26 pm Post subject: (No subject)
Okay, it seems you didn't like my advice, and that's okay, just know something about this method: when you have user names hard coded into a script, it becomes insecure, and not flexable either. The reason is:
a) if a user downloads your script, or in anyway views the php source, you usernames and passwords are revealed.
b) You should check the username and password at the top of every secure page, to make sure the user hasn't just gotten a hold of the url. With this method, you will have to put that array in an included file so it can be global to the entire site, and not static to every page.
Like I said, it's fine to do it like this for now, but when you start to learn more about PHP, you will want to change it.
Now, about you header problem: put this at the very top of you page:
<?php ob_start() ?>
The reason you need to do this (the way your coding) is that headers have to be the very first thing sent to the browser. They can not be sent after anything else. What that line I gave you does, is turn on output buffering, which holds all output in a buffer in memory untill the script finishes. With this, you can send headers at any time, as nothing will have been sent to the browser yet, and when the output buffer sees a header, it will just push it to the top of the buffer so it becomes the first thing sent to the browser.
Note: If you want to send the buffer to the browser early, call ob_flush(). This will send all data to the browser. You don't have to worry about calling this at the end of the script, as PHP will automatically flush the buffer when preforming garbage cleanup (freeing memory, resourses, and such)
octopi
Posted: Mon Oct 30, 2006 12:00 am Post subject: (No subject)
Craige is right this is not a good method for making a secure page, but I assumed this was just something to help you learn. As such mysql may be a little advanced for you just yet, so I suggested an alternative.
For improved security you shouldn't place the passwords in plain text, instead you should hash them, and store that value. You would then hash the incoming password to be checked, and then compare the stored hash, with the hash generated from the password to be checked. The same input will always result in the same hash. Hashes are a one-way system, which means it is not possible to reverse. You can not find the password if you are given just the hash. You can however compare them.
TheLastFall
Posted: Tue Oct 31, 2006 4:14 pm Post subject: (No subject)
I know I haven't replied in a while but I know what you mean about encrypting the file, I'll look into that later but right now I'm having trouble with placing the login information into the coding and having it in a specific spot. I doubt this will work if any of you try it but the coding is:
<div class="blocktitle"><h2>A New Generation</h2></div>
<div class="blockcontent">The world is in chaos and there are a few soldiers who can stop it, become the most powerful soldier and prevent the chaos from spreading or help it expand.</div>
<div class="spotlight-left">
<div class="blocktitle"><h2>Tips</h2></div>
<div class="blockcontent">If you are experiancing any difficulties with your account or loging in please send us a message, which could be found in the contact us link.</div>
<br>
</div>
<hr>
</body>
</html>
I'm just wondering where on that I can put it so that it is inside the first block title class. I've tried it numerous ways but the login won't appear in that section, I can only have it appear in another place but none of the content will appear until the person has entered the username and password. I don't know if this is specific enough.
Craige
Posted: Wed Nov 01, 2006 7:23 pm Post subject: (No subject)
I'm sorry, I don't exactly understand your question.