I would be focusing more on fundamentals and less on design as you can sit and keep experimenting with the look of the page yourself.
Before beginning you may note that we will be working in /var/www/ folder and as only root has access to these folders we would have to change the permissions of this folder. You can do this by following my previous post.
To Store the username and passwords and to extract them for checking with the provided username and password we will have to make a database and a table in this database to store the username and passwords in it.
Step 1 :- Go to terminal and write
mysql -u root -p
After pressing enter you will be asked to enter your password. Enter the password and then press enter. The whole process would be something like this
Step 2 :- Create a new Database by running the following command in mysql prompt (myqsl>)
create database webpage;
You can see if the database is created by using the command
show databases;
Step 3 :- Create a table login with three columns id,username,password.
create table login (id number,username varchar(20),password varchar(20),PRIMARY KEY(id));
Step 4 :- Enter a value in the database in order to check the user entered value. We will be storing the username as plain text but will be using AES(Advanced Encryption Standard) encryption algorithm to store the user password. We can use SHA1 or MD5 hashing algorithms but AES is the most secure algorithm of all.
insert into login values(1,"Ali",aes_encrypt("password","secret_key"));
We have used the function aes_encrypt to encrypt the password with a key "secret_key". Remeber the key as it is used at the time of decryption of the password.
We are done with our table management and now its time to create the actual web page.
I assume that the reader is well acquainted with HTML and PHP.Documentation of any of the PHP function or syntax could be found out on PHP Manual. The code of webpage would be of the form as shown below .
<HTML>
<head>
<title> Login Page </title>
</head>
<body>
Sign In</br></br>
<form name="login" id="login" method="post" action="login.php">
<table>
<tr><td>Username</td><td>:-</td><td><input type="text" name="uname" ></td></tr>
<tr><td>Password</td><td>:-</td><td><input type="password" name="pwd"></td></tr>
<tr><td><input type="submit" name="sbutton" value="LOGIN"></td></tr>
</table>
</form>
</body>
</HTML>
<?php
error_reporting(E_ALL);
if($_POST["uname"] != NULL)
$username=$_POST["uname"];
if($_POST["pwd"] != NULL)
$password=$_POST["pwd"];
if($_POST["sbutton"] !=NULL)
{
//establish connection with MySQL
$con = mysql_connect("localhost","root","password") or die('Could not connect: ' . mysql_error());
//Select The required Database
mysql_select_db("webpage",$con) or die('Could not select database: ' . mysql_error());
//Extract the decrypted passwords and usernames from login table
$result=mysql_query("select AES_DECRYPT(password,'aliabbasmanager') as password , username from login",$con)or die('Could not decrypt: ' . mysql_error());
//Find Out number of Rows of the desired table ie. the login table
$num_rows=mysql_num_rows($result);
//Loop through the rows of table to check the password
while($num_rows > 0)
{
$flag=0;
//fetch a row
$row=mysql_fetch_array($result);
//extract fields
$cuser=$row["username"];
$cpass=$row["password"];
//compare usernames & passwords
if(strcmp($cuser,$username) == 0)
if(strcmp($cpass,$password) == 0)
{
$flag=1;
break;
}
$num_rows--;
}
if($flag == 1)
echo "<font color='green'>successful</font>";
else
echo "<font color='red'>unsuccessful</font>";
mysql_close($con);
}
?>
If you have any doubts in the code feel free to comment.
supperrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
ReplyDeletei created the page but when i enter the username as Ali and password as same Ali i dont see anzthing further, kindly guide in detail
ReplyDeleteThanks
This piece of code was truly beneficial for me and I truly appreciate you for sharing this resourceful article among us. Continue sharing and keep us updated.
ReplyDeleteWebsite Design Agency | Website design company