Hy! I developed my first php application which shall deal as a simple UI for an oralce database. The user shall be able to perform some queries for daily business. Off course not everybody should have access to the thing and therefore I need some kind of user authentication. Basically about 20 people shall be able to deal with the whole thing! Now my question! What is the best way to do it? At the moment I think about two possibilities! Make the people users of the database and just try if they can connect to the database with their username/passord or not. And based on that give them access to the website ore not. The other possibility would be to do this via a file where username and password (password encrypted)are stored and to use these to give access to the website! It is my first php project and so I dont have much experience. So thanks for your help.
Here's what I used.. works good for me! <?php if ($_POST) { include ('db_con.php'); include ('make_safe.php'); $username = make_safe($_POST["username"]); $password = make_safe($_POST["password"]); $query = "SELECT * FROM users WHERE Username='$username'"; $result = mysql_query($query); if(0 == mysql_num_rows($result)) { include ('index.php'); echo "Incorrect username."; exit; } if(1 == mysql_num_rows($result)) { $query = "SELECT * FROM users WHERE Username='" . $username . "' && Password='" . $password . "'"; $result = mysql_query($query); if ($row = mysql_fetch_array($result)) { session_start(); $valid_user = $row['Username']; $_SESSION["valid_user"] = $valid_user; $_SESSION["valid_time"] = time(); header("location: " . $_SERVER['PHP_SELF']); exit; } else { include ('index.php'); echo "invalid password."; exit; } } else { echo "There is more than one user with that username. Please call Munz Computer Services immediately to resolve the issue."; } } else { ?> <html> <title>Munz Computer Services</title> <?php include ('index.php'); ?> <center> <form action="" method="post"> <table> <tr> <td>Username:</td> <td><input type="text" size="20" maxlength="20" name="username"/></td> <tr> <td>Password:</td> <td><input type="password" size="20" maxlength="10" name="password" /></td><p /> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" class="right" /></td> </table> </form> </center> <?php } ?> </div> </body> </html> PHP: