user authorization
by Kanwal Naz - 10 months ago (2015-04-01) user management
user authorization process
I wish to learn the user authorization process with a login attempts check. I have created a simple user login function that on successful login redirects to the welcome page, but this didn't restrict a wrong submitted password.
My code is as under:
<?php require_once('Connections/config.php');
@session_start();
error_reporting(E_ALL ^ E_NOTICE);
if(isset($_GET['logout'])){
    @session_destroy();
    $messageUser="You have been logged out successfully";
    ?> <script type="text/javascript">
    alert("<?=$messageUser?>")
    </script>
    <?php redirect('login.php');
}
if(isset($_POST['login_submit'])){
    $userName = $_POST['username'];
    $uPassword = $_POST['password'];
    //$hashed = hash('sha512', $uPassword);
    $_SESSION['messageUser'] = "";
    $sql = "SELECT * FROM users WHERE username= '$userName' AND password= '$uPassword'";
    $res = mysql_query($sql) or die('1login'.mysql_error());
    if(@mysql_num_rows($res) > 0 ){
        $rows_users = mysql_fetch_assoc($res);
        if($rows_users['ustatus'] == 1){
            $_SESSION['myId'] = $rows_users['id'];
            $_SESSION['myName'] = $rows_users['username'];
            $_SESSION['myPass'] = $rows_users['password'];
            $_SESSION['myType'] = $rows_users['utype'];
            $_SESSION['myCompany'] = $rows_users['com_id'];
            $_SESSION['myBranch'] = $rows_users['br_id'];
            $_SESSION['myStatus'] = $rows_users['ustatus'];
            redirect('dashboard.php');
        }
        elseif($rows_users['ustatus'] == 2)
            $_SESSION['messageUser']="You are banned user";
        else
            $_SESSION['messageUser']="you are not activated yet";
    }
    else
        $_SESSION['messageUser']="user does not exists";
}
?>
1 Recommendation
MySQL Database Library: Access MySQL databases and manipulate files
by JME Farm package author 140 - 7 months ago (2015-06-22)
I have a few methods for dealing with users in my MySQL database class. I currently use the MySQL password() function on my passwords, though, so you might not want to use it if you are storing plain text.
Anyway, the authorize("user", "pass") method checks to see if the given username & password exist in the users table of the database and if they are unique. If so, it returns an associative array of that user, but if not it returns false.
Hope that helps.
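A sketch of the login-attempts check the question asks about, as an added example that is neither the poster's code nor part of the recommended package. It uses PDO prepared statements and password_hash()/password_verify() instead of the question's string-built query and plain-text comparison; the failed and locked_until columns, the limits and the demo account are assumptions.

```php
<?php
// Added example; table layout, limits and the demo account are assumptions.
const MAX_ATTEMPTS = 3;    // failed logins allowed before the account locks
const LOCK_SECONDS = 900;  // how long the lock lasts

function attempt_login(PDO $db, string $user, string $pass, int $now): string
{
    // Bound parameter: the submitted username never becomes part of the SQL text.
    $st = $db->prepare('SELECT id, pw_hash, ustatus, failed, locked_until
                        FROM users WHERE username = ?');
    $st->execute([$user]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return 'invalid';                 // same reply as a wrong password
    }
    if ((int)$row['locked_until'] > $now) {
        return 'locked';                  // refuse before looking at the password
    }
    $upd = $db->prepare('UPDATE users SET failed = ?, locked_until = ? WHERE id = ?');
    if (!password_verify($pass, $row['pw_hash'])) {
        $failed = (int)$row['failed'] + 1;
        $lock   = $failed >= MAX_ATTEMPTS;
        // On lock, start the window and reset the counter for the next window.
        $upd->execute([$lock ? 0 : $failed, $lock ? $now + LOCK_SECONDS : 0, $row['id']]);
        return $lock ? 'locked' : 'invalid';
    }
    $upd->execute([0, 0, $row['id']]);    // correct password clears the counter
    // ustatus values as in the question: 1 = active, 2 = banned, else not activated.
    if ((int)$row['ustatus'] === 1) {
        return 'ok';   // web handler: session_regenerate_id(true), keep only the user id
    }
    return (int)$row['ustatus'] === 2 ? 'banned' : 'not_activated';
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE,
           pw_hash TEXT, ustatus INTEGER, failed INTEGER DEFAULT 0,
           locked_until INTEGER DEFAULT 0)');
$db->prepare('INSERT INTO users (username, pw_hash, ustatus) VALUES (?, ?, 1)')
   ->execute(['demo', password_hash('correct horse', PASSWORD_DEFAULT)]);

$now = time();
foreach (['guess1', 'guess2', 'guess3', 'correct horse'] as $try) {
    echo attempt_login($db, 'demo', $try, $now), "\n";
}
echo attempt_login($db, 'demo', 'correct horse', $now + LOCK_SECONDS + 1), "\n";
```

The lock is checked before the password, so a correct password submitted during the lock window is still refused.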