|
php login script
This simple php login script features functions to add hashed and encrypted passwords and usernames to a mysql table, and then a function to validate users based on these PHP login credentials. One of the most popular uses of a PHP script is to secure acess to various portions of a website based on a user's login name and password. We only use one way encryption, when storing the php login passwords in the mysql database, because our php login script never needs to know the actual plaintext of the username or password, thereby securing the php login script.
<?
function MakeTableLogins ( $database , $host , $db_user , $db_pass ) { //create the logins table
$linkID = mysql_connect ( $host , $db_user , $db_pass );
mysql_select_db ( $database , $linkID );
mysql_query ( "create table logins (user char(32), pasword char(32))" , $linkID );
}
function Encrypt ( $string ) { //hash then encrypt a string
$crypted = crypt ( md5 ( $string ), md5 ( $string ));
return $crypted ;
}
function AddUser ( $database , $host , $db_user , $db_pass , $username , $password ) { //add user to table logins
$linkID = mysql_connect ( $host , $db_user , $db_pass );
mysql_select_db ( $database , $linkID );
$password = encrypt ( $password );
$username = encrypt ( $username );
mysql_query ( "insert into logins values ('$username', '$password')" , $linkID );
}
function Login ( $database , $host , $db_user , $db_pass , $user , $password ) { //attempt to login false if invalid true if correct
$auth = false ;
$user = Encrypt ( $user );
$linkID = mysql_connect ( $host , $db_user , $db_pass );
mysql_select_db ( "$database" , $linkID );
$result = mysql_query ( "select password from logins where user = '$user'" , $linkID );
$pass = mysql_fetch_row ( $result );
mysql_close ( $linkID );
if ( $pass [ 0 ] === ( Encrypt ( $password ))) {
$auth = true ;
}
return $auth ;
}
?>
| 
