PHP Login Troubles Using PDO |
PHP Login Troubles Using PDO |
SBH |
Aug 15 2015, 12:50 PM
Post
#41
|
Member Group: Members Posts: 82 Joined: 6-February 15 Member No.: 22,158 |
this was it before you showed the whole code, minor changes… CODE $usrname = filter_var($_POST['usrname'], FILTER_SANITIZE_STRING); $passwrd = filter_var($_POST['passwrd'], FILTER_SANITIZE_STRING); /*** now we can encrypt the password ***/ $passwrd = password_hash($passwrd, PASSWORD_DEFAULT); /*** connect to database ***/ /*** mysql hostname ***/ $mysql_hostname = 'localhost'; /*** mysql username ***/ $mysql_username = "XXXXX"; /*** mysql password ***/ $mysql_password = "YYYYY"; /*** database name ***/ $mysql_dbname = ‘ZZZZZ’; try { $dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password); /*** $message = a message saying we have connected ***/ /*** set the error mode to excptions ***/ $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); /*** prepare the select statement ***/ $stmt = $dbh->prepare("SELECT * FROM U_Authentications WHERE username = :usrname AND password = :passwrd"); /*** bind the parameters ***/ $stmt->bindValue(":usrname", $usrname); $stmt->bindValue(":passwrd", $passwrd); /*** execute the prepared statement ***/ $stmt->execute(); /*** check for a result ***/ $user_id = $stmt->fetchAll(); /*** if we have no result then fail boat ***/ if(count($user_id) < 1){ $message = 'Login Failed'; } else{ /*** set the session user_id variable ***/ $_SESSION['user_id'] = $user_id; /*** tell the user we are logged in ***/ $message = 'You are now logged in'; } } catch(Exception $e){ /*** if we are here, something has gone wrong with the database ***/ $message = 'We are unable to process your request. Please try again later<br>'; $message .= $e->getMessage(); } Thanks @masonh928. You'd have guessed by now, but I'm fairly new to PHP. Question I have in the backdrop of my PHP version being 5.3.29, what's the hashing algorithm that I use? md5 or something else. @CharlesEF - Thanks for the link, that I see is most helpful. If not a trouble, can i reach out to you both later for questions pertaining to salting, stretching, etc.? |
CharlesEF |
Aug 15 2015, 01:06 PM
Post
#42
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
If you have any other problems just post it here. Someone will help (if they can).
|
SBH |
Aug 15 2015, 01:19 PM
Post
#43
|
Member Group: Members Posts: 82 Joined: 6-February 15 Member No.: 22,158 |
Sure will do, for now can I get help on the algorithm to be used?
|
CharlesEF |
Aug 15 2015, 01:36 PM
Post
#44
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
I already gave you my recommendation, phpass. Use it instead of anything PHP might offer.
|
masonh928 |
Aug 15 2015, 01:39 PM
Post
#45
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
yes if you don't have php 5.5 or the latter then I HIGHLY suggest phpass. If you do have php 5.5., which you don't, then use PHP's NATIVE Password hashing function, password_hash() and password_verify() they do all the work for you. So this not currently a viable option, use phpass.
|
masonh928 |
Aug 15 2015, 01:40 PM
Post
#46
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
You can ask away, we don't bite… lol
|
SBH |
Aug 15 2015, 03:31 PM
Post
#47
|
Member Group: Members Posts: 82 Joined: 6-February 15 Member No.: 22,158 |
You can ask away, we don't bite… lol :-) But guys, I'm still not getting it. For testing purpose, I'm used both pHpass (which I downloaded) and sha1. Can I trouble you with a sample script? I guess an important thing is also where I place the page to which I want control to be transferred once logged in. My header and form action commands are again failing me. |
CharlesEF |
Aug 15 2015, 03:46 PM
Post
#48
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
It would be better if you attached the required pages to a post so we can download and see your entire work.
|
SBH |
Aug 15 2015, 03:49 PM
Post
#49
|
Member Group: Members Posts: 82 Joined: 6-February 15 Member No.: 22,158 |
@CharlesEF - Will do mostly tomorrow.
|
masonh928 |
Aug 16 2015, 08:08 PM
Post
#50
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
ok when you do, post your example.
|
SBH |
Aug 18 2015, 09:28 AM
Post
#51
|
Member Group: Members Posts: 82 Joined: 6-February 15 Member No.: 22,158 |
|
masonh928 |
Sep 30 2015, 06:13 AM
Post
#52
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
and E_STRICT
|
Lo-Fi Version | Time is now: 27th April 2024 - 05:03 PM |