Walkthrough One - PHP User Authentication

completed this section and I want to notify you mates that the code for a more secured password should be:

Language: HTML
 <INPUT TYPE = ';password'; Name =';password';  value="<?PHP print $pword;?>" maxlength="16">
not 
 <INPUT TYPE = ';TEXT'; Name =';password';  value="<?PHP print $pword;?>" maxlength="16">

This is because passwords needs to be secured and the second code renders it in an unsecured manner.

Thanks for this info will try

My pleasure 77497090.

Thanks 77553055 for the info
Im currently using that structure in the login form

Language: PHP
<label for="password"> Password: </label><input type="password" class="inputbox" name="password" id="password" maxlength="16">

I have completed this section.

Enjoyable chapter for me.done with this one,any one who needs help on this just shout

owned this section

Completed this section

I have completed this section with the step-by-step lessons from http://www.phpeasystep.com

I have completed this walkthrough

Completed this section

Finished this chapter.

I have completed this section!

One way of sanitising input is typecasting. Taking a SQL example, allowing the users to specify an offset to display data. In a query something like this:

Language: PHP
<?php
// code...
$sql = ';SELECT id,title FROM news LIMIT ';.$_GET[';offset';].';,10';;
$result = mysql_query($sql);
// more code...
?>

We could use the same function as before to sanitise this $_GET variable, but it is more appropriate to use typecasting to force it to be an integer. We can do this using intval() taking a variable and returning its value as an integer. So, a string "14" will become the number 14, and any input that is not numeric will become 0, making the input safe to work with.

Language: PHP
<?php
// code...
$sql = ';SELECT id,title FROM news LIMIT ';.intval($_GET[';offset';]).';,10';; // sanitised input
$result = mysql_query($sql);
// more code...
?>

A PHP class that allows validation of email addresses via SMTP.

Email Syntax can check whether an email address has a valid format, however, in order to check if the email address actually exists, you will have to query the email domain for the existence of the email address.

The PHP class encapsulates the SMTP, between the remote domain, as well as the DNS lookup for the Mail Transfer Agent (MTA) responsible for that domain.

The class can take a number of email addresses, and return whether they are valid or not. It will group together emails with the same domain, and create a single SMTP connection to the MTA for those emails for efficiency.

This class is meant to be a secondary validation of an email address after the email syntax is validated. It can also provide intermediate email validation before sending a confirmation email to the email address, which does not provide user feedback if the email is invalid - and thus loss of users.

Example of the above to validate a single email address:

Language: PHP
// include SMTP Email Validation Class
require_once(';smtp_validateEmail.class.php';);
// the email to validate
$email = ';user@example.com';;
// an optional sender
$sender = ';user@mydomain.com';;
// instantiate the class
$SMTP_Validator = new SMTP_validateEmail();
// turn on debugging if you want to view the SMTP transaction
$SMTP_Validator->debug = true;
// do the validation
$results = $SMTP_Validator->validate(array($email), $sender);
// view results
echo $email.'; is ';.($results[$email] ? ';valid'; : ';invalid';)."\n";
// send email?
if ($results[$email]) {  
  //mail ($email, ';Confirm Email';, ';Please reply to this email to confirm';, ';From:';.$sender."\r\n"); // send email
} else {  
  echo ';The email addresses you entered is not valid';;
}

An example to validate multiple email addresses:

Language: PHP
// include SMTP Email Validation Class
require_once(';smtp_validateEmail.class.php';);
// the email to validate
$emails = array(';user@example.com';, ';user2@example.com';);
// an optional sender
$sender = ';user@yourdomain.com';;
// instantiate the class
$SMTP_Validator = new SMTP_validateEmail();
// turn on debugging if you want to view the SMTP transaction
$SMTP_Validator->debug = true;
// do the validation
$results = $SMTP_Validator->validate($emails, $sender);
// view results.
foreach($results as $email=>$result) {        
   // send email?   if ($result) {    //mail($email, ';Confirm Email';, ';Please reply to this email to confirm';, ';From:';.$sender."\r\n"); // send email 
 } else {    
  echo ';The email address ';. $email.'; is not valid';; 
 }
}

Completed this section

Done.

That's really interesting to know how to validate an e-mail address by validating the domain.
I've worked on basic web sites before, and the php course is by far the most advanced I've gone on computer courses.
i'm really keen to learn a lot more.
I've completed this section, and some parts of the coding i found are more difficult to remember than to understand.
Thanks for the examples, it's giving me quite a lot of insight of certain factors to take note of.