Results 1 to 8 of 8

Thread: [RESOLVED] php / sql password question

  1. #1
    Join Date
    Feb 2010
    Grantham, UK

    resolved [RESOLVED] php / sql password question

    Hi. Am brand new to building server-side scripts and am trying to work out what I need to research next.

    I am wanting to add password access to my website with different users. I will also need a "sign up" page eventually, but that's a bit down the line.

    Have been told that SQL is best for databases, but most password access seems to be done with PHP.

    Is it a case of personal preference, or is it a combination of the two, and if so, which is the better one to study first?

    I know the answers may be "duh..." but have never looked into this before.

    Any help with be gratefully appreciated.
    Last edited by max2474; 03-11-2010 at 09:22 AM. Reason: should have read faq's.... :)

  2. #2
    Join Date
    Jan 2007
    The database is for storing data and performing logic closely related to data storage. This may or may not include 1-way encrypting passwords. Typically, it's a tiny bit more secure (and flexible) to perform password encryption in PHP.

    So, in your PHP script you might have snippets like this ...

    PHP Code:
    // creating a user

    $user mysql_escape_string($_POST['user']);
    $enc_pass sha1($_POST['pass']);
    $query "insert into users set user='{$user}', pass='{$enc_pass}'";
    if (
    mysql_query($query)) {
    // success actions
    } else {
    // failure actions

    PHP Code:
    // authenticating a user

    $user mysql_escape_string($_POST['user']);
    $enc_pass sha1($_POST['pass']);
    $query "select * from users where user='{$user}' and pass='{$enc_pass}'";
    if (
    $result mysql_query($query)) {
      if (
    $row mysql_fetch_assoc($result)) {
    // success actions
    } else {
    // no matching user actions
    } else {
    // failure actions

    ... things like, but not necessarily, that.
    Jon Wire

    thepointless.com | rounded corner generator

    I agree with Apple. Flash is just terrible.

    Use CODE tags!

  3. #3
    Join Date
    Nov 2008
    SQL is the name of the language used to interact with a DBMS (Database Management System). The most popular DBMS to be used with PHP is MySQL, so will probably want to get that installed if you haven't already.

    User management is almost always done with a combination of PHP and a DBMS. User details are stored in a database table, and PHP authenticates the supplied login details against these user details.

    I will say as a word of warning, user management systems tend to be an area where new programmers leave (sometimes massive) security holes. Please don't do the same as most people and go into this project thinking "if I can get it so it works I'll be happy". If it's not secure, it's broken.

    If you've just started you will first want to get the PHP basics sorted. Areas you probably want to look at are (securely) interacting with a MySQL database, string hashing, sessions, maybe cookies. Once you've done that (or even before), have a read of this and take note of its info when you design your system.
    The first rule of Tautology Club is the first rule of Tautology Club.

  4. #4
    Join Date
    Feb 2010
    Grantham, UK
    thanks for the info. Have just installed apache (xampp) and am suddenly a little lost...lmao. will take me a bit to work out what i am doing, then i can look at getting started with php.

    Have heard/read the same about security, so I am definately keeping that in mind.

    Intrestingly, the install gave me a USB stick option...does this mean I can install on here and have a portable "server" for programming website on different computers. (I use two comps at home, and need to be able to switch from one to the other.) Am not intending to use this to host my site, just for helping me programme it.

    Again, many thanks. Just about to read the security guide.

  5. #5
    Join Date
    Mar 2010
    if your just starting out, the AppServ open project is the easiest thing to get up and running locally on a windows machine.

  6. #6
    Join Date
    Jan 2007
    Are you hoping to gain experience working in an apache environment specifically? Or do you just need some web server?

    ... Windows comes with one (IIS) that works just fine.
    Jon Wire

    thepointless.com | rounded corner generator

    I agree with Apple. Flash is just terrible.

    Use CODE tags!

  7. #7
    Join Date
    Aug 2010

    sql password question

    Change sql sa password by using command prompt
    Open a command prompt (Start -> Run -> cmd)
    Type the follow commands, and press Enter after each line.
    Osql –S yourservername –E
    1>EXEC sp_password NULL, ’yourpassword’, ’sa’
    The yourservername is the name of your server, yourpassword is the new sql sa password.
    Other ways to reset sa password.

  8. #8
    Join Date
    Apr 2013
    Change SQL Server password by Windows Authentication. If Builtin/Administrator is present in SQL Server, you can login with an ID which is member of Administrators group and change sa password in SQL Server. Just do as follows:
    1. Login into SQL server using Windows Authentication.
    2. In Object Explorer, open Security folder, open Logins folder. Right Click on sa account and go to Properties.
    3. Type a new SQL sa password, and confirm it. Click OK to finish.
    After restarting SQL Server and all its servers, you can log into SQL Server by sa login with new SQL sa password.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center



X vBulletin 4.2.2 Debug Information

  • Page Generation 0.10528 seconds
  • Memory Usage 2,927KB
  • Queries Executed 15 (?)
More Information
Template Usage (33):
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_global_above_footer
  • (1)ad_global_below_navbar
  • (1)ad_global_header1
  • (1)ad_global_header2
  • (1)ad_navbar_below
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)ad_thread_first_post_content
  • (1)ad_thread_last_post_content
  • (2)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)headinclude_bottom
  • (8)memberaction_dropdown
  • (1)navbar
  • (4)navbar_link
  • (1)navbar_moderation
  • (1)navbar_noticebit
  • (1)navbar_tabs
  • (2)option
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available (6):
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files (26):
  • ./showthread.php
  • ./global.php
  • ./includes/class_bootstrap.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/functions_navigation.php
  • ./includes/class_friendly_url.php
  • ./includes/class_hook.php
  • ./includes/class_bootstrap_framework.php
  • ./vb/vb.php
  • ./vb/phrase.php
  • ./includes/functions_facebook.php
  • ./includes/functions_calendar.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_notice.php
  • ./packages/vbattach/attach.php
  • ./vb/types.php
  • ./vb/cache.php
  • ./vb/cache/db.php
  • ./vb/cache/observer/db.php
  • ./vb/cache/observer.php 

Hooks Called (72):
  • init_startup
  • friendlyurl_resolve_class
  • init_startup_session_setup_start
  • database_pre_fetch_array
  • database_post_fetch_array
  • init_startup_session_setup_complete
  • global_bootstrap_init_start
  • global_bootstrap_init_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • load_show_variables
  • load_forum_show_variables
  • global_state_check
  • global_bootstrap_complete
  • global_start
  • style_fetch
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • strip_bbcode
  • friendlyurl_clean_fragment
  • friendlyurl_geturl
  • forumjump
  • cache_templates
  • cache_templates_process
  • template_register_var
  • template_render_output
  • fetch_template_start
  • fetch_template_complete
  • parse_templates
  • fetch_musername
  • notices_check_start
  • notices_noticebit
  • process_templates_complete
  • friendlyurl_redirect_canonical
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • memberaction_dropdown
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • build_navigation_data
  • build_navigation_array
  • check_navigation_permission
  • process_navigation_links_start
  • process_navigation_links_complete
  • set_navigation_menu_element
  • build_navigation_menudata
  • build_navigation_listdata
  • build_navigation_list
  • set_navigation_tab_main
  • set_navigation_tab_fallback
  • navigation_tab_complete
  • fb_like_button
  • showthread_complete
  • page_templates