[PHP-DB] Connecting to mySQL database

2002-02-16 Thread Alvin Ang 

Hi ppl,

I'm new to both PHP and mySQL but have no choice but to crash-course on
both before end of mid of march to complete my University project. I would
really appreciate alittle help from any kind soul out there.

I have already created a mySQL database and create all the tables *well at
least all those that i think i need*. Now i am trying to connect to the
database and test if everything was created properly and make sure i can
connect.

Can anyone please advise on how i should go abt it?? Thanks a million!!!

Alvin

P.S: My school project is on developing a web-based inventory managament
system. :P


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] Connecting to mySQL database

2002-02-16 Thread DL Neil 

Hi Alvin,

 I'm new to both PHP and mySQL but have no choice but to crash-course on
 both before end of mid of march to complete my University project. I would
 really appreciate alittle help from any kind soul out there.

 I have already created a mySQL database and create all the tables *well at
 least all those that i think i need*. Now i am trying to connect to the
 database and test if everything was created properly and make sure i can
 connect.

 Can anyone please advise on how i should go abt it?? Thanks a million!!!


Welcome to our happy little (ever-expanding) world!

I suggest a visit to the PHP and MySQL homepages. If you look for the links and 
tutorial pages, you will find
plenty of the latter. There are a number of web articles on 'intro to MySQL and PHP' 
and 'making dynamic web
sites'. These types of tutorials cover all the basics that you're going to need to get 
started.

Later on, another visit may even yield something about inventory systems, perhaps the 
sites offering classes
might have something handy you can pick up and apply.

If you prefer books/the Uni library: PHP and MySQL Web Development by Welling and 
Thomson or MySQL by DuBois
are good choices - both cover interfacing the two products, but there are numerous 
alternatives that others will
recommend.

Regards,
=dn



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] Connecting to MySQL Database

2001-12-13 Thread Jonathan Hilgeman 

Can you show us the code that checks the username and password to see if
they're correct?

Is this a custom admin page that you created? 

If your page is authenticating against the mysql database, then you should
know that MySQL encrypts the password and stores  the encrypted password.

So if you use the GRANT statement to create a new user that looks like:
User: admin
Pass: Secrets

...MySQL will store this as:
User: admin
Pass: Ata91230t!44

So if you try to login and your login code looks like:
if($PasswordEntered == $DatabasePassword)
{
...
}

So even if $PasswordEntered equals Secrets, it won't be the same, because
it won't match the encrypted password.

- Jonathan

-Original Message-
From: Michael Elliott [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 13, 2001 5:54 AM
To: [EMAIL PROTECTED]
Subject: [PHP-DB] Connecting to MySQL Database


I am trying to create an admin page to administer my database.  I used a
file .sql to create my database.  In the file, I included:

grant select, insert, update, delete
on database.*
to admin@localhost identified by 'password';

Why can I not log in successfully using admin and password?

Thanks




-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP-DB] Connecting to MySQL Database

2001-12-13 Thread Michael Elliott 

Alright here goes.

This is my login function:

function login($username, $password)
// check username and password with db
// if yes, return true
// else return false

{
 // connect to db
 $conn = db_connect();
 if (!$conn)
  return 0;

 // check if username is unique
 $result = mysql_query(select * from admin
  where username='username' and
  password = password('$password'));

 if (!$result)
  return 0;

 if (mysql_num_rows($result)0)
  return 1;
 else
  return 0;
}

And here is my admin.php page:

?

// include function files for this application
require_once(golf_fns.php);
session_start();

if ($username  $passwd)
// they have just tried logging in
{
 if (login($username, $passwd))
 {
  // if they are in the database register the user id
  $admin_user = $username;
  session_register(admin_user);
 }
 else
 {
  // unsuccessful login
  do_html_header(Problem:);
  echo You could not be logged in.
  You must be logged in to view this page. br;
  do_html_url(login.php, Login);
  do_html_footer();
  exit;
 }
}

do_html_header(Administration);
if (check_admin_user())
 display_admin_menu();
else
 echo You are not authorized to enter the administration area.;

do_html_footer();

?

I checked my database and as you said, the password has been encrypted.
Shouldn't MySQL be able to compare it against an encrypted password?

Thanks for your help!


Jonathan Hilgeman [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Can you show us the code that checks the username and password to see if
 they're correct?

 Is this a custom admin page that you created?

 If your page is authenticating against the mysql database, then you
should
 know that MySQL encrypts the password and stores  the encrypted password.

 So if you use the GRANT statement to create a new user that looks like:
 User: admin
 Pass: Secrets

 ...MySQL will store this as:
 User: admin
 Pass: Ata91230t!44

 So if you try to login and your login code looks like:
 if($PasswordEntered == $DatabasePassword)
 {
 ...
 }

 So even if $PasswordEntered equals Secrets, it won't be the same,
because
 it won't match the encrypted password.

 - Jonathan

 -Original Message-
 From: Michael Elliott [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, December 13, 2001 5:54 AM
 To: [EMAIL PROTECTED]
 Subject: [PHP-DB] Connecting to MySQL Database


 I am trying to create an admin page to administer my database.  I used a
 file .sql to create my database.  In the file, I included:

 grant select, insert, update, delete
 on database.*
 to admin@localhost identified by 'password';

 Why can I not log in successfully using admin and password?

 Thanks




 --
 PHP Database Mailing List (http://www.php.net/)
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 To contact the list administrators, e-mail: [EMAIL PROTECTED]



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

RE: [PHP-DB] Connecting to MySQL Database

2001-12-13 Thread Jonathan Hilgeman 

Try moving session_start to the very top of the script (above the require
statement), and then place the session_register on the line immediately
below session_start. You should first create the empty session variable
$admin_user, and THEN assign a value to it. But the most logical thing to do
would be to put all the session information at the very top of the script.

- Jonathan

-Original Message-
From: Michael Elliott [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 13, 2001 8:40 AM
To: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] Connecting to MySQL Database


Alright here goes.

This is my login function:

function login($username, $password)
// check username and password with db
// if yes, return true
// else return false

{
 // connect to db
 $conn = db_connect();
 if (!$conn)
  return 0;

 // check if username is unique
 $result = mysql_query(select * from admin
  where username='username' and
  password = password('$password'));

 if (!$result)
  return 0;

 if (mysql_num_rows($result)0)
  return 1;
 else
  return 0;
}

And here is my admin.php page:

?

// include function files for this application
require_once(golf_fns.php);
session_start();

if ($username  $passwd)
// they have just tried logging in
{
 if (login($username, $passwd))
 {
  // if they are in the database register the user id
  $admin_user = $username;
  session_register(admin_user);
 }
 else
 {
  // unsuccessful login
  do_html_header(Problem:);
  echo You could not be logged in.
  You must be logged in to view this page. br;
  do_html_url(login.php, Login);
  do_html_footer();
  exit;
 }
}

do_html_header(Administration);
if (check_admin_user())
 display_admin_menu();
else
 echo You are not authorized to enter the administration area.;

do_html_footer();

?

I checked my database and as you said, the password has been encrypted.
Shouldn't MySQL be able to compare it against an encrypted password?

Thanks for your help!


Jonathan Hilgeman [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Can you show us the code that checks the username and password to see if
 they're correct?

 Is this a custom admin page that you created?

 If your page is authenticating against the mysql database, then you
should
 know that MySQL encrypts the password and stores  the encrypted password.

 So if you use the GRANT statement to create a new user that looks like:
 User: admin
 Pass: Secrets

 ...MySQL will store this as:
 User: admin
 Pass: Ata91230t!44

 So if you try to login and your login code looks like:
 if($PasswordEntered == $DatabasePassword)
 {
 ...
 }

 So even if $PasswordEntered equals Secrets, it won't be the same,
because
 it won't match the encrypted password.

 - Jonathan

 -Original Message-
 From: Michael Elliott [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, December 13, 2001 5:54 AM
 To: [EMAIL PROTECTED]
 Subject: [PHP-DB] Connecting to MySQL Database


 I am trying to create an admin page to administer my database.  I used a
 file .sql to create my database.  In the file, I included:

 grant select, insert, update, delete
 on database.*
 to admin@localhost identified by 'password';

 Why can I not log in successfully using admin and password?

 Thanks




 --
 PHP Database Mailing List (http://www.php.net/)
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 To contact the list administrators, e-mail: [EMAIL PROTECTED]



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]