Working on a log in script to my webpage
bedouglas at earthlink.net
Wed Mar 9 04:40:28 CET 2005
simply use google and search for "php scripts login user authentication
mysql session etc..."
these terms will give you lots of examples... you could also look at some of
the bulletin board/forum apps that are open source to se what they use. or,
you could also look through the code for some of the php content management
apps... of course, there are also the open source ecommerce solutions. all
of these types of apps have functionality to deal with the user
From: python-list-bounces+bedouglas=earthlink.net at python.org
[mailto:python-list-bounces+bedouglas=earthlink.net at python.org]On Behalf
Sent: Tuesday, March 08, 2005 6:26 PM
To: python-list at python.org
Subject: Re: Working on a log in script to my webpage
The 2 scripts I made is actually working the way they where meant to. So im
kindda happy :)
The problem is, that I didnt think about the problem: as Steve wrote:
"There are other matters of concern, however, the most pressing of which
is: How am I going to stop user from navigating directly to page1?"
Maybee I can find some premade feature, that prevents users to go to page1
without logging in. Any ideas as to where I can find some information about
Nice that you all take time to help a newbie, so thanks to the helpfull
> regarding the issue of creating a login (user/passwd) script... there are
> numerous example scripts/apps written that use php/mysql... i suggest that
> you take a look at a few and then incoporate the features that you want
> your script.
> from your questions, it seems like this approach will give you a
> better/faster solution to your problem.
> -----Original Message-----
> From: python-list-bounces+bedouglas=earthlink.net at python.org
> [mailto:python-list-bounces+bedouglas=earthlink.net at python.org]On Behalf
> Of Steve Holden
> Sent: Tuesday, March 08, 2005 4:02 PM
> To: python-list at python.org
> Subject: Re: Working on a log in script to my webpage
> Pete..... wrote:
>> Hi all I am working on a log in script for my webpage.
>> I have the username and the password stored in a PostgreSQL database.
>> The first I do is I make a html form, where the user can type in his
>> username and code, when this is done I want to run the
>> script(testifcodeisokay) that verifies that the code and username are the
>> right ones ( that means if they match the particular entered username and
>> password) If they are then I want to load page1 if they are not I want to
>> load the loginpage again.
>> Login page:
>> print '''<form action=testifcodeisokay.py'><br>
>> <p>Username:<br> <INPUT type="text" NAME="username">
>> <p>Code:<br> <INPUT type="text" NAME="code"></p>'''
>> print '''<p><input type=submit value='Submit'></p></form>'''
>> print '''</body> </html>'''
>> This works.
>> Here I store the entered text in the variables "username" and "code"
>> I then get the entered value by
>> testifcodeisokay script
>> connect = PgSQL.connect(user="user", password="password", host="host",
>> cur = connect.cursor()
>> form = cgi.FieldStorage()
>> username = form["username"].value
>> code= form["code"].value
>> I then want to test if they match the ones in the database
>> insert_command = "SELECT username, code FROM codetable WHERE
>> codetable.username = '%s' AND codetable.code = '%s' " %(username, code)
> This is an amazingly bad choice of variable name, since the command
> doesn't actually insert anything into the database!
>> I should then have found where the entered username,code (on the login
>> is the same as those in the database.
>> But now I am stuck.
>> Does any know how I can then do something like:
>> If the codes from the loginpage matches the users codes in the db
>> Then the user should be taken to page1
>> IF the codes arnt correct the login page should load again.
>> The program dosnt need to remember who the user is, after the user has
>> loggen in, it is only used to log the user in.
>> Thanks for your time..
> The Python you want is almost certainly something like
> if len(curs.fetchall()) == 1:
> # username/password was found in db
> although unless your database is guarantees to contain only one of each
> combination it might be better to test
> if len(curs.fetchall()) != 0:
> # username/password was found in db
> There are other matters of concern, however, the most pressing of which
> How am I going to stop user from navigating directly to page1?
> Answering this question will involve learning about HTTP session state
> and writing web applications. I could write a book on that subject :-)
More information about the Python-list