I am making a login page and registration page in php with mysql and i need to apply some authentication like;
1)when login if i don’t enter the password and click on Submit button, it should show me a alert box that password is not filled.
2)during registration if some fields are not filled,then it show me a alret box that these fields are not filled. and when all fields are filled then all the data should go in a mysql database.
3)how can i match that,during login usernaam along with its corresponding password name is correct .and if nt connect show me a alert ox that username and password donot match.
Ahem - The CHAR datatype, shorthand for “Characters”, is for alphanumeric characters valid within the encoding set of the column (usually UTF-8). Numerals are characters and so are punctuation glyphs - to the computer they are all characters. VARCHAR is shorthand for “Variable Characters”. VARCHAR doesn’t magically accept more types of characters than CHAR does, what it allows is for the number of characters in the string to vary. The “variable” here refers to the length of the string, not to the type of characters allowed.
No it’s not. CHAR and VARCHAR can contain all characters.
i had to use varchar(40) so can i use varchar in sha or md5.
But now you are using varchar(20). Why? It would’ve worked with varchar(40), although being password a column with a fixed length value, having a variable length column doesn’t make much sense like Michael said.
you are right but char is only used for alphabets and in password if someone write numerals then i had to use varchar(40) so can i use varchar in sha or md5.
That’s part of your problem. An md5 hash is always exactly 32 characters. Use char(32) to store it. If using sha1 use char(40). Hash string lengths are invariant, declaring it varchar is slight extra overhead.
Then you need to step through your code using echo statements to check variables’ values like shown earlier to find the source of the problem. You don’t have many lines in your code so it shouldn’t take long.
I think you’ll find most people will advise using sha1 instead of md5 for hashing strings.
But in any case, I normally use sha1() and use these simplified basic steps.
1- when someone registers a username/password I run a query similar to
$query= "insert into tblUsers (username, password) values ('myUsername',sha1('myPassword'))";
except you’ll have variable names for the username and password. sha1() creates a unique 40 character string so your password column in the db table needs to be varchar(40).
2- when a user logs in with a username and password you check if the sha1 hash of the user entered password matches the hashed password in the database for the entered username.
$query = 'select * from tblUsers where username = "'.$username.'" and password = "'.sha1($password).'"';
$rs = mysql_query($query,$conn);
if(mysql_num_rows($rs) == 1){
//username, password are correct, so allow user in
} else {
//username and/or password are incorrect
}
while writing php program…i just write md5 password so will give me password in encrypt and if i want to use plain text,i just removed md5 and just wrieeten password so it was giving me plain text…
