Verificando contraseña en bases de datos

Timberin · #1 (**permalink**) 02/02/2008, 10:42

Hola,
Voy instalando un script de registro de usuario cuyo registrados y contraseña se va agregandose en un archivo .inc (userlog.inc) ¿es posible agregar los registrados y contraseña en bases de datos en vez de userlog.inc?

*****************comenzar register.php *************************
<? session_start();
// Variables - Edit These

// Self Registration: 1 to enable, 0 to disable.
$registration = 1;

// Name of your user file (Recommended to leave the extension as .inc)
$pwd = 'userlog.inc';
// Do not edit below this line unless you know what you are doing!
// ================================================== ===========

function head() {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>myPHPscripts Login Session</title>
</head>
<body>
<div align="center">

<div>
<table class="header">
<tr>
<td>
Login Session 1.0
</td>
</tr>
</table>
</div>
<br>
<?
}
function foot() {
?>
<br>
<div>
<table class="footer">
<tr>
<td>
<? echo base64_decode('TG9naW4gU2Vzc2lvbiAmY29weTsgMjAwNyA 8YSBocmVmPSJodHRwOi8vd3d3Lm15cGhwc2NyaXB0cy5uZXQiI HRhcmdldD0iX2JsYW5rIj5teVBIUHNjcmlwdHMubmV0PC9hPg= ='); ?>
</td>
</tr>
</table>
</div>

</div>

</body>
</html>
<?
exit();
}
if (isset($_REQUEST['logout'])) {
head();
$redirect = $_SERVER['HTTP_REFERER'];
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
echo '<strong>Logging Out.</strong><br>';
unset($_SESSION['logged_in']);
foot();
}
else if ($registration == 1 && isset($_REQUEST['register'])) {
head();
$redirect = strtok($_SESSION['redirect'],'?');
if (isset($_REQUEST['register_passwd']) && isset($_REQUEST['register_verify']) && isset($_REQUEST['register_password'])) {
if ($_REQUEST['register_passwd'] == $_REQUEST['register_verify']) {
$handle = @fopen($pwd, "r");
while (!feof($handle)) {
$tmpstr = fgets($handle, 100);
$line[] = ereg_replace("\n", "", $tmpstr);
}
for ($i=0; $i < count($line); $i++) {
$login_hash = strtok($line[$i],'_');
if ($_REQUEST['register_username'] == $login_hash) {
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
echo '<font color="red"><strong>Username already exists.</strong></font><br>';
$username_exists = 1;
break;
}
}
if ($username_exists != 1 && $_REQUEST['register_passwd'] != "" && $_REQUEST['register_username'] != "") {
$fh = fopen($pwd, 'a+') or die("can't open file");
$stringData = $_REQUEST['register_username'] . '_' . md5($_REQUEST['register_passwd']) . "\n";
fwrite($fh, $stringData);
fclose($fh);
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
echo '<strong>User Created.</strong><br>';
}
else if ($username_exists != 1 && $_REQUEST['register_passwd'] == "") {
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
unset($_SESSION['logged_in']);
echo '<font color="red"><strong>Password cannot be blank.</strong></font><br>';
}
else if ($username_exists != 1 && $_REQUEST['register_username'] == "") {
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
unset($_SESSION['logged_in']);
echo '<font color="red"><strong>Username cannot be blank.</strong></font><br>';
}
fclose($handle);
}
else {
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
unset($_SESSION['logged_in']);
echo '<font color="red"><strong>Passwords do not match. Please try again.</strong></font><br>';
}
}
else {
?>
<table class="password"><tr><td class="password_topbar">Create an account.</td></tr><tr><td><br>
<form action="login.php?register" method="post">
Login:<br>
<input type="text" name="register_username" size="15" maxlength="14" value=""><br><br>
Password:<br>
<input type="password" name="register_passwd" size="15" maxlength="14"><br><br>
Verify:<br>
<input type="password" name="register_verify" size="15" maxlength="14"><br><br>
<input type="submit" name="register_password" value="Create" class="btn">
</form>
</td></tr></table>
<?
}
foot();
}
else if (!isset($_SESSION['logged_in'])) {
head();
$redirect = $_SESSION['redirect'];
if (!file_exists($pwd)) {
if (isset($_REQUEST['passwd']) && isset($_REQUEST['passwd_verify']) && isset($_REQUEST['save_password'])) {
if ($_REQUEST['passwd'] == $_REQUEST['passwd_verify']) {
$fh = fopen($pwd, 'a+') or die("can't open file");
$stringData = $_REQUEST['username'] . '_' . md5($_REQUEST['passwd']) . "\n";
fwrite($fh, $stringData);
fclose($fh);
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
echo '<strong>User Created.</strong><br>';
}
else {
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
unset($_SESSION['logged_in']);
echo '<font color="red"><strong>Passwords do not match. Please try again.</strong></font><br>';
}
}
else {
$_SESSION['redirect'] = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
?>
<table class="password"><tr><td class="password_topbar">Create an account.</td></tr><tr><td><br>
<form action="login.php" method="post">
Login:<br>
<input type="text" name="username" size="15" maxlength="14" value=""><br><br>
Password:<br>
<input type="password" name="passwd" size="15" maxlength="14"><br><br>
Verify:<br>
<input type="password" name="passwd_verify" size="15" maxlength="14"><br><br>
<input type="submit" name="save_password" value="Create" class="btn">
</form>
</td></tr></table>
<?
}
}
else if (isset($_REQUEST['passwd']) && isset($_REQUEST['login'])) {
$handle = @fopen($pwd, "r");
if ($handle) {
while (!feof($handle)) {
$tmpstr = fgets($handle, 100);
$line[] = ereg_replace("\n", "", $tmpstr);
}
for ($i=0; $i < count($line); $i++) {
$pass_hash = strrev(strtok(strrev($line[$i]),_));
$login_hash = strtok($line[$i],'_');
if (md5($_REQUEST['passwd']) == $pass_hash && $_REQUEST['username'] == $login_hash) {
$_SESSION['logged_in'] = 1;
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
echo '<strong>Password Accepted</strong><br>';
break;
}
else if ($line[$i] == "") {
echo '<meta http-equiv="refresh" content="2;url=';
echo $redirect;
echo '">';
unset($_SESSION['logged_in']);
echo '<font color="red"><strong>Invalid Login Credentials.</strong></font><br>';
break;
}
}
}
fclose($handle);
}
else {
$_SESSION['redirect'] = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
?>
<table class="password"><tr><td class="password_topbar">Login Required:</td></tr><tr><td><br>
<form action="login.php" method="post">
Login:<br>
<input type="text" name="username" size="15" maxlength="14"><br><br>
Password:<br>
<input type="password" name="passwd" size="15" maxlength="14"><br><br>
<input type="submit" name="login" value="Login" class="btn">
</form>
</td></tr><? if ($registration == 1) { echo '<tr><td class="register"><a href="login.php?register">Register</a></td></tr>'; } ?></table>
<?
}
foot();
}
?>

Agradezco vuestro ayudas

,
Saludos,

BrujoNic · #2 (**permalink**) 03/02/2008, 23:24

Trasladado de BD a PHP. Favor no poner código de programación en BD.

Función de la sección de Base de Datos