Search the Community

Greetings beloved Gurus! I would like some advice on how to go about creating a PHP registration/login system that grants access to all services on a website that has various sections, much like Google; e.g. I have got a Gmail account and subsequently been granted access to all of Google's services like Blogger, Youtube etc. Now I would like to do the same with my website, and grant the users access to all the services with one account registration. I am fairly new to PHP, I have only been tinkering around with it for five months now. I hope my question is not ambiguous or too broad, I need help with how I should approach this, so any pointers with regards to the structure of the database, frameworks, resources, and anything I should take into account would be much appreciated. I am ready to jot down your suggestions. Thank you!

hello so i am making a registration page using html and php, i need to make the information send to mysql that i made with table but i never made select statements..i am not sure on how to make it i need help i am new to this so please bare with me. So I this code to connect to mysql none I am not sure how to fix it i know there must be a problem with the code for the submit line and with the isset. I got them from another user but made minor changes to fit my database. My database has 2 tables one named UserAccount with the information listed in the registration page and then another table named Cart for purchases to be made. Please if you can help me with my code or if you see other errors i think i might have an error with my php where i put firstName, and etc. and if you know any other material or links that would help me for making product information and a cart send to a database if you can share it, im trying but having many issues

I have been developing a php web site. I have been trying to follow suggested best practices. I am running ubuntu minimalist install, and installed the following packages: nginx php5 php5-fpm postgresql phppgadmin php5-gd I have nginx up and running instead of apache.I have done some basic configuration for nginx.got my vhost setup and linked. and I am now able to browse my php pages on my local test machine running ubuntu. I have created my postgre database, and have a user setup. So I am to the point that I wanted to create a page to register/login/change password. I searched and found http://stackoverflow...asswords-safely it was posted back in 2010, it links to this guide using phpass: http://www.openwall....Users-Passwords The guide/tutorial was created using Mysql, I have been swapping out functions to their equivalent postgresql functions using the postgresql documentation. I modified the guide to the point that I can create new users in my postgre database. When I got to the point "How to authenticate existing users" I hit a snag. mysql version from guide: } else { $hash = '*'; // In case the user is not found($stmt = $db->prepare('select pass from users where user=?'))|| fail('MySQL prepare', $db->error);$stmt->bind_param('s', $user)|| fail('MySQL bind_param', $db->error);$stmt->execute()|| fail('MySQL execute', $db->error);$stmt->bind_result($hash)|| fail('MySQL bind_result', $db->error);if (!$stmt->fetch() && $db->errno)fail('MySQL fetch', $db->error); if ($hasher->CheckPassword($pass, $hash)) {$what = 'Authentication succeeded';} else {$what = 'Authentication failed';}unset($hasher);} my version: } else { $hash = '*'; // In case the user is not foundpg_prepare($dbconn, "quser", 'SELECT pass FROM users WHERE pk_users=$1') or fail('pg_prepare failed ',pg_last_error($dbconn));$hashx = pg_execute($dbconn, "quser", array($user)) or fail('pg_execute failed ',pg_last_error($dbconn));$hash = pg_fetch_result($hashx, 1, 'pass'); if (!$hash && pg_last_error($dbconn))fail('pg_execute failed.2 ',pg_last_error($dbconn)); if ($hasher->CheckPassword($pass, $hash)) {$what = 'Authentication succeeded';} else {$what = 'Authentication failed';$op = 'fail'; // Definitely not 'change'} I think it has to do with bind_result($hash) I used $hashx = pg_execute() I assumed it would take the results of pg_execute() and store it in the $hashx variable, and I thought that was what bind_result($hash) was doing in the mysql example. here is the error from the server logs: 2013/02/15 19:01:12 [error] 16860#0: *1 FastCGI sent in stderr: "PHP message: PHP Warning: pg_fetch_result(): Unable to jump to row 1 on PostgreSQL result index 5 in ..../testing.com/public/inc/user-man.php on line 91" while reading response header from upstream, client: 192.168.1.150, server: testing.com, request: "POST /inc/user-man.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "testing.com", referrer: "http://testing.com/inc/user-man.html" Also if anyone has any input weather or not this is still best practice for user registration/password security, please let me know. In addition to having a good user/password system I know that I am going to need to recheck my configuration for both nginx and postgresql to make sure everthing is locked down and secure, as well as user permissions, I have not looked for any info/guides on any of this yet. Thanks so much for any responses, I appreciate it.

Hello everyone, sorry for the dull title. Couldn't think of anything better. So this is my problem.I was using a registration form for teachers and one for students. There are ten fields in each, first name, last name, username, password, etc being similar whereas departments (teachers have 7, students have 3) and email ids (teachers have a different domain extension and students different) being different. I am using two tables, one for teachers and one for student.Now, I know I can use one login form, query against these two tables using the JOIN property and make them login. But I want to know if this method is efficient because two tables are being used.Or is this method more efficient: In the reg form, I put a radio button to select teacher or student and depending on what one chooses the remaining fields change, i.e, if I choose teacher, 7 departments show up or if I choose student only 3 of them show up. In this way, I have to use one table only, atleast I guess so.Or another possibility is I use two tables but two login forms, one for teacher and one for student, I know this is the easy way out but being a Comp Sci student I want to choose the efficient method of all.P.S: The teacher's role is going to be completely different from the student's in the site. And there will be lot of activities for the teachers and students, they are completely different. Will maintaining one table be a good bet?Thank you.