The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

User Login Page

Discussion in 'General Discussion' started by evgsoftn, Jul 24, 2007.

  1. evgsoftn

    evgsoftn Registered

    Joined:
    Jul 24, 2007
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Hi All,

    I'm a newbie... anybody out there can help me create a secure user login page? What is preferred, use a cgi script or php?

    Your assistance is greatly appreciated.

    Thanks.
    evg
     
  2. webdes03

    webdes03 Member

    Joined:
    Nov 24, 2004
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    What exactly are you trying to do?

    IMO, PHP.MySQL is the best way. Store your usernames and passwords in a MySQL db, and use PHP to execute a query to see if the data sent through the login form (username and passwork) match the corresponding fields in the db. Then assign a session variable to maintain the logged in session.

    Your MySQL query would be something like the following:
    PHP:
    $query mysql_query("SELECT * FROM tblTable WHERE username='$username' && password='$password'");
    If it finds a row where they match then you can use an if statement to assign the session variable.
    PHP:
    if (mysql_num_rows($query) > 0) {
      
    $row mysql_fetch_rows($query);
      
    $_SESSION['username'] = $row[username];
    }
    Thats a very incomplete couple lines of code, but it should give you enough to do some research. You'd get more help on this type of thing from phpbuilder.com that you will here. You need more coding assistance than cPanel assistance.
     
  3. gribozavr

    gribozavr Member

    Joined:
    Aug 15, 2007
    Messages:
    23
    Likes Received:
    1
    Trophy Points:
    3
    $query = mysql_query("SELECT * FROM tblTable WHERE username='$username' && password='$password'");

    Are you joking? That's a clear SQL injection!
     
Loading...

Share This Page