4 Replies Latest reply on Nov 27, 2009 1:37 PM by meezone

    Login with username only!

    meezone

      Hello,

       

      i built a login system (ADDT) with php and MySQL.

       

      I like the users to login with their username only! I tried to set the password field to type = 'hidden' and the value of the password is the same as the username. This works but you have to click two times the submit-button.

       

      Does anybody know whats wrong or another possibility?

       

      Thanks alot!

        • 1. Re: Login with username only!
          James_PT Level 1

          Sounds like you are setting their password to equal their userid but that the code used to do this is being executed after ADDT runs the query to see if the username and password combination are in the table.  They aren't (because your code hasn't executed yet), then after ADDT's query comes back with invalid password, your code runs and the password is then set to your userid.  Now when you click the second time, the password is set and it works.

           

          Not sure why you would want someone to gain access only with a userid.  This seems to be a security risk.  Someone can put in anyone's userid (they are easy to figure out), and masquerade as that user.

           

          If you are doing even minor things, like sending email messages, it could be embarassing if they log in as someone else.

           

          J

          • 2. Re: Login with username only!
            meezone Level 1

            in this case we want to keep the barrier as low as possible. Is there a way to get around the password field?

            • 3. Re: Login with username only!
              James_PT Level 1

              If the password field will never be used, just make it a hidden field and set the initial value to NULL, or some literal.  Then in your database, set the default value of the field to be the same, NULL or some literal.  They will always equal and you can automatically pass the password check.  A literal may be easier.  If you use NULL, be aware that the value actually sent by the screen in the transaction may be blank, not NULL.

               

              You can display the value of the field by coding an echo statement followed by an exit statement in PHP and placing it in your code:

               

              <?php

                echo passwordfield;

                exit;

              ?>

               

              This will display the value on your screen and then halt any further processing, but you probably know all of this.

               

              J

              • 4. Re: Login with username only!
                meezone Level 1

                thanks!