Get mysql username/password using php?

i have a login page, with a html form username & password & submit button. then I have the next page connect to the database. using mysql_connect('localhost', 'userName','passWord'); how do i have "userName" & "passWord" refer to the same as the one's entered in by the user?
Answer:

You do NOT. That is suicide, anyone breaking the script could then totally modify the data structure and the whole server could become one giant bank phishing scam or child porn distribution site. You need to set up a user with limited access to the database, definitely not with grant option, as a user for the web site. Then set a password for the user root as well. You then use the limited user details to log in to the database from the pages. Do NOT put any of the mysql connection or login details in any web readable page and definitely not in the .directory root of any site. ALWAYS put these details into an include file in a directory protected from public reading. And set constants for the user name and password, then ONLY use the constants to call the connection. Then for each user on the site you provide a method to store their user name and an ENCRYPTED copy of their chosen pasword in a table. When someone logs in the form needs to POST the login details and compare the user name and an encrypted copy of their typed password with the stored versions. NEVER have any user access direct to the database from the web pages. If your hosting company saw you do this they would kick you out.

Chris at Yahoo! Answers Visit the source

Was this solution helpful to you?

Other answers

colinc meant HASHED, not ENCRYPTED for passwords. You don't want to store ENCRYPTED passwords because that implies someone could DECRYPT them, which would have security implications. But, yeah, unless you are writing some remote database admin tool like PHPMyAdmin, you don't do that. (And PHPMyAdmin is a huge security problem itself. Don't go writing another one ;-)

Ratchetr

Related Q & A:

How To Build Business Directory Using Php Mysql?Best solution by Stack Overflow
Is it possible to allow a client/user to log into a Remote Desktop session using credentials other than their AD username/password? (for SSO?Best solution by Server Fault
how delete node in xml file using php?Best solution by Stack Overflow
How to read csv file using php?Best solution by Stack Overflow
How to get all amazon product in php?Best solution by Stack Overflow

Just Added Q & A:

How many active mobile subscribers are there in China?Best solution by Quora
How to find the right vacation?Best solution by bookit.com
How To Make Your Own Primer?Best solution by thekrazycouponlady.com
How do you get the domain & range?Best solution by ChaCha
How do you open pop up blockers?Best solution by Yahoo! Answers

For every problem there is a solution! Proved by Solucija.

Got an issue and looking for advice?
Ask Solucija to search every corner of the Web for help.
Get workable solutions and helpful tips in a moment.

Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.