Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts

    Verification before changes

    I learned how to do this on my own, and would like to share my knowledge with you. Use this in your administrator control panels. When you have a MD5 hash on your passwords, it will check if what you type in matches the current password of that user.

    So in short, let's say you leave your websites admin panel up, and went to the bathroom and your brother or sister jumps on the computer and wants to screw everything up. Well it will deny any changes until your password is typed in.

    This is setup to have multi admin accounts.

    STEP ONE: Make your form.
    PHP Code:
    echo '<h2>Verification</h2>Please enter your current password to make changes.<br /><br />';

    echo 
    '<center><b>Current Password:</b> <input type="password" name="okpass" maxlength="12" value=""><br /><br /><input type="submit" name="submit" value="Make Changes"></center>'
    STEP TWO: Add your user database info inside the POST submit.
    PHP Code:
    if ($_POST['submit']) {
     
    $users mysql_query("SELECT * FROM users WHERE id='".$_SESSION['user_id']."'");
     
    $userrow mysql_fetch_array($users); 
    STEP THREE: Add the following variables under step two.
    PHP Code:
    $okpass $_POST['okpass'];
     
    $oldpass md5($okpass); 
    STEP FOUR: Check if md5 passwords match.
    PHP Code:
    if ($oldpass == $userrow['password'])
     {
       echo 
    'Password Authentication Completed Successfully.<br /><br />Settings Updated.';

    STEP FIVE: Add an else if its denied.
    PHP Code:
    else {
       echo 
    'Password Authentication Invalid.<br /><br />Invalid Hashing Information Protocol.';
     } 

    I believe that is everything, if anyone finds a problem, I will revise it and review the code more carefully. I am pulling it out of my admin.php script, but after double checking, will work perfectly.
    Attached Thumbnails Attached Thumbnails Verification before changes-show1.jpg   Verification before changes-show2.jpg   Verification before changes-show3.jpg  
    Last edited by masterofollies; 12-29-2009 at 04:35 AM.
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

  • #2
    Regular Coder
    Join Date
    Nov 2009
    Location
    Hamilton, New Zealand
    Posts
    126
    Thanks
    0
    Thanked 17 Times in 17 Posts
    Nice script. Get rid of:

    PHP Code:
    $oemail $_POST['newemail']; 
    Affordable Web Design (New Zealand Based)
    Internet Marketing Guru
    PHP/mySQL Expert
    -------------------------------------------

  • #3
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    Edited

    Sorry that was a part of my admin panel for changing to a new email address. Everything should be perfect now.
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •