User authentication using PHP

Authentication using PHP only


<?php
// -------------- define functions -----------------
function isvalid($user, $password, $connection) {
	// checking if the user's login name and password are in DB
	// get rid of extra spaces in user name
	$user = trim($user);
	$find_user = "SELECT * FROM wp_users WHERE user_login = '$user' 
	AND user_pass = MD5('$password');";
	if (! ($result = @mysql_query($find_user, $connection))) {
		showerror();
	}
	if (mysql_num_rows($result) < 1) return false;	
	else return true;
}

function print_login_form() {
	$handler = "authenticate/check_password.php";
	$form_string = "
	<form name=\"theform\" method=\"POST\" 
	action=\"http://rynite.morris.umn.edu/~elenam/1101_fall06/php_examples/$handler\">

	<table border=\"0\">
	<tr>
	<td>Enter your user name:</td>
	<td>
	<input type = \"text\" name = \"user\">

	</td>
	</tr>
	<tr>
	<td>Enter your password:</td>
	<td>

	<input type = \"password\" name = \"password\">
	</td>
	</tr>
	<tr>
	<td>
	<input type=\"submit\" name = \"submit\" value=\"submit\">

	</td>
	</tr>
	</table>
	</form><br/>
	";
	print $form_string;
}

function showerror()
{
	die("Error ". mysql_errno(). " : " .mysql_error());	
}

// ---------------- end of functions -----------------

// getting the form data
$user = $_POST['user'];
$password = $_POST['password'];	


?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<!-- 
Checking if the user's login name and apssword are in the database
Author: Elena Machkasova elenam@morris.umn.edu 
Last modified: 12/12/06 
--> 
<html>
<head>
<title>
Checking user's login name and password
</title>
</head>
<body>
<?php
// open DB conncetion
// connect to the server
if (! ($connection = @mysql_connect("localhost","1101readonly","readonly")))
	die ("connection to the dtabase failed");

// select a database
if (!@mysql_select_db("1101fall06", $connection)) showerror();

if (isset($user) && isvalid($user, $password, $connection)) {
	print "Welcome, $user!<br/>\n";
} else {
	print_login_form();	
}

// close DB connection
@mysql_close($connection);
?>

</body>
</html>
http://rynite.morris.umn.edu/~elenam/1101_fall06/php_examples/authenticate/check_password.php
UMM CSci 1101

The views and opinions expressed in this page are strictly those of the page author. The contents of this page have not been reviewed or approved by the University of Minnesota.