Matthew M.

Matthew M.

User Authentication

Slide Duration:

Table of Contents

Section 1: Advanced PHP with MySQL
Course Introduction

13m 36s

Intro
0:00
Advanced PHP w/ MySQL
0:13
Course Introduction
0:14
Course Content
0:59
Web Application: Educator Store
1:45
Web Application: Educator Store
1:46
Object-Oriented Programming
6:09
Object-Oriented Programming Overview
6:10
MySQL
6:50
MySQL Overview
6:51
Example: Command Prompt & MySQL
8:34
What You Will Learn
9:34
What You Will Learn
9:35
Course Prerequisites
11:52
Course Prerequisites
11:53
Advanced Course Development Environment

18m 46s

Intro
0:00
Lesson Overview
0:11
Lesson Overview
0:12
Development Environment Setup
1:36
Firefox Web Browser, XAMPP, and PSPad Text Editor
1:37
Course Directory Structure
4:36
Course Directory Structure
4:37
phpDocumentor
7:23
phpDocumentor Overview
7:24
Parsing Source Code
7:44
docs Subdirectory
9:06
Asvanced PHP Course Documentation Example
10:21
Previous Educator PHP Students
14:14
Lib Directory Changes
14:38
Images Directory Changes
14:57
VERSION Constant
15:40
Comments Noting a Specific Version Number
17:04
Homework Challenge
17:30
Homework Challenge
17:31
Introduction to File I/O

35m 37s

Intro
0:00
Lesson Overview
0:10
Lesson Overview
0:11
File I/O
1:34
File I/O Overview
1:35
Performing file I/O: 3 Steps
1:52
File Permissions
2:28
Read Permission & Write Permission
2:29
fopen()
4:47
fopen()
4:48
Two Required Parameters
5:01
Successful fopen(): File Handle and Resource
5:21
FALSE and E_WARNING Error
6:00
Example
6:39
File Paths
7:10
File Paths
7:11
File Access Modes
9:18
File Access Modes
9:19
Coding Example: fopen()
10:31
Using Relative and Absolute Path & Non-Existent File
10:32
File Pointers
15:55
File Pointers
15:56
Example File
16:11
Opening a File with fopen() Using 'r' as the Access Mode
16:22
fgets()
17:55
fgets() Overview
17:56
Coding Example: fgets() - Reading a Line at a Time
18:26
feof()
20:10
feof() Overview
20:09
Coding Example: feof()
20:50
fclose()
23:43
fclose() Overview
23:44
Coding Example: fclose()
25:02
Coding Example: Current Stock
26:10
Coding Example: Current Stock
26:11
trim ()
31:39
trim () Overview and Example
31:40
Homework Challenge
33:35
Homework Challenge
33:36
Web Application Development

36m 36s

Intro
0:00
Lesson Overview
0:16
Lesson Overview
0:17
Version 1.0 Changelog
0:31
catalog.php
0:32
Function Library: fileLIB.php
5:00
Version 1.1 Changelog
27:12
createItemDataArray() and createDeptDataArray()
27:13
outputSimpleItemLink() and outputSimpleDeptLink()
32:06
HTTP & the POST Method

34m 36s

Intro
0:00
Lesson Overview
0:10
Lesson Overview
0:11
HTTP Model
1:28
HTTP Model
1:29
Client-Server Model 2 Steps Process
2:00
HTTP Messages
2:23
HTTP Messages
2:24
HTTP Requests
3:09
HTTP Requests
3:10
Example: HTTP Request Header
3:17
Coding Example: HTTP Requests
4:29
HTTP Responses
7:15
HTTP Responses
7:16
Example: HTTP Response (Header & Body)
8:00
header()
11:47
header() Overview
11:48
Coding Example: header
14:02
Coding Example: header() Error
14:52
GET Method
18:55
GET Method
18:56
Coding Example: GET Method
20:13
POST Method
21:09
POST Method
21:10
Coding Example: Sample Form Using the POST Method
23:50
Accessing POST Data in PHP
26:38
Accessing POST Data in PHP
26:39
Coding Example: Accessing POST Data via $_POST
28:15
GET vs. POST
29:54
GET vs. POST
29:55
Example: Accessing POST Data via $_POST
31:20
Example: Accessing POST Data via $_POST
31:21
Homework Challenge
33:00
Homework Challenge
33:01
Web Application Development

14m 11s

Intro
0:00
Version 2.0 Changelog
0:09
Updating the Site's Current Form to Use the POST Method
0:10
Creating Admin Website
2:55
Dynamically Generated Department List
12:40
Writing to Files

17m 38s

Intro
0:00
Lesson Overview
0:09
Lesson Overview
0:10
Review of File I/O
0:40
Review of File I/O
0:41
fwrite()
1:38
fwrite()
1:39
fputs()
2:20
'r+'
2:31
Coding Example: fwrite()
2:59
fopen() Access Modes
8:41
'a' and 'a+'
8:42
'w' and 'w+'
11:34
Homework Challenge
14:47
Homework Challenge
14:48
Web Application Development

28m 14s

Intro
0:00
Lesson Overview
0:08
Lesson Overview
0:09
Updated Open File Functions
0:19
openItemsDataFile ( ), openDeptsDataFile ( ), and openLastAddedFile ( )
0:20
insertItem()
6:25
insertItem() Overview
6:26
Functions: createItemDataString ( ) and updateLastItemAdded ( )
7:07
addItemToDepartment ()
16:03
addItemToDepartment () Overview
16:04
Functions: createDeptDataString ( ) and updateDepartment ( )
17:55
HTTP POST: File Uploads

22m 51s

Intro
0:00
Lesson Overview
0:10
Lesson Overview
0:11
POST Data Encoding
1:13
POST Data Encoding
1:14
When Data is Included in the Body of the HTTP POST Request and is of the Content Type
1:31
When Uploading Files Using HTTP POST
3:17
Uploading Files
6:22
Uploading Files
6:23
If Encoding Type is Not Set to Multipart/Formdata
9:27
$_FILES Superglobal
10:59
$_FILES Superglobal
11:00
Structure of $_FILES
12:15
Structure of $_FILES: Name, Type, tmp_name, Error, and Size
12:16
Coding Example: $_FILES Superglobal
13:34
Moving an Uploaded File
15:39
Introduction to Moving an Uploaded File
15:40
move_uploaded_file ( ): Definition and Example
16:40
Homework Challenge
21:19
Homework Challenge
21:20
Web Application Development

15m 30s

Intro
0:00
Lesson Overview
0:09
Lesson Overview
0:10
Uploading Item Image File
1:22
Uploading Item Image File
1:23
Uploading Item Image File (cont.)
2:43
Altering insertItem ( )
2:44
Helpfer Functions: getFileExtension ( ) and moveUploadedFile ( )
4:30
isValidItem ( )
13:03
Introduction to Object-Oriented Programming

32m 44s

Intro
0:00
Lesson Overview
0:11
Lesson Overview
0:12
Object-Oriented Programming
0:56
Introduction to Object-Oriented Programming
0:57
Associative Arrays
5:27
Associative Arrays
5:28
Classes
7:27
Classes Overview
7:28
Defining Classes
8:24
Defining Classes
8:25
Declaring Class Properties
9:25
Coding Example: Classes
10:11
Objects
12:18
Objects Overview
12:19
Classes vs. Objects
12:49
Classes vs. Objects
12:50
Instantiating Classes
14:58
Instantiating Classes
14:59
Coding Example: Instantiate an Item Object
16:30
Object Properties
19:21
Access and Set an Object's Property
19:22
Coding Example: Set & Access the Properties of an Item Object
24:23
Homework Challenge
30:22
Homework Challenge
30:23
Web Application Development

17m 47s

Intro
0:00
Lesson Overview
0:11
Lesson Overview
0:12
Version 5.0 Overview
0:50
Version 5.0 Overview and Examples
0:51
Outputting Object Properties
12:38
Outputting Object Properties
12:39
Array Object Properties
14:18
Access and Set Array Value
14:19
Object Methods

39m 57s

Intro
0:00
Lesson Overview
0:12
Lesson Overview
0:13
Object Methods
0:52
Definition of Object Methods
0:53
Calling Object Methods
3:25
Calling Object Methods
3:26
Coding Example: Simple Object Methods
4:44
Object Methods and Return Values
7:02
$this Variable
10:06
$this Variable: Definition and Example
10:07
$this Variable (cont.)
15:51
$this Variable (cont.)
15:52
Getters & Setters
21:21
Getters & Setters Methods
21:22
Object Methods In Strings
25:46
Object Methods In Strings
25:47
Coding Example: Outputting Method Return Values in Strings
27:41
Using $this to Call Other Methods
28:49
Using $this to Call Other Methods
28:50
Homework Challenge
34:18
Homework Challenge: 1-3
34:19
Homework Challenge (cont.)
36:20
Homework Challenge: 4-6
36:21
Homework Challenge (cont.)
37:52
Homework Challenge: 7-10
37:53
Web Application Development

17m 30s

Intro
0:00
Lesson Overview
0:11
Lesson Overview
0:12
Version 6.0 Overview
0:40
Version 6.0 Changes & Examples
0:41
Item Methods
0:53
Item Class Definition: getImageFilename()
0:54
Coding Example: getImageFilename()
1:58
Department Methods
7:33
addItem(), removeItem(), and isItemInDept() Method
7:34
addItemtToDepartment() & buildDeptObject() Functions
11:46
A Default Value Needed to Be Set for $items
16:26
Object Constructors

22m 20s

Intro
0:00
Lesson Overview
0:11
Lesson Overview
0:12
Object Constructors
0:32
Introduction to Object Constructors
0:33
Coding Example: Object Constructors
1:43
Defining Constructors
3:26
Defining Constructors
3:27
Coding Example: Constructors with No Arguments
4:24
Constructor Arguments
8:09
Constructor Arguments
8:10
Coding Example: Constructor Arguments
9:49
Important Notes
16:13
Important Notes
16:14
Homework Challenge
17:35
Homework Challenge: 1 - 4
17:36
Homework Challenge (cont.)
19:13
Homework Challenge: 5 - 9
19:14
Homework Challenge (cont.)
21:40
Homework Challenge: 10 and 11
21:41
Web Application Development

16m 19s

Intro
0:00
Lesson Overview
0:11
Lesson Overview
0:12
Version 7.0 Overview
0:39
Version 7.0 Overview
0:40
Item Constructor
2:19
Item Constructor
2:20
Department Constructor
7:47
Department Constructor
7:48
Customer Constructor
12:23
Customer Constructor
12:24
More Magic Methods

53m 37s

Intro
0:00
Lesson Overview
0:13
Lesson Overview
0:14
Magic Methods
1:12
Magic Methods
1:13
Destructors
2:45
Destructors Overview
2:46
Coding Example: Calling Destructors
4:30
Coding Example: Object Destructor
9:19
_to String ()
16:12
_to String () Overview
16:13
Coding Example: _to String () Magic Method
18:10
Access Modifiers
21:23
Introduction to Access Modifiers
21:24
Access Modifiers: Public
21:39
Access Modifiers: Private
22:18
Access Modifiers: Protected
22:41
Object Properties and Methods
23:06
Coding Example: Public Access Modifiers
26:48
Coding Example: Private Access Modifiers
28:30
_get()
31:37
_get() Overview
31:38
Coding Example: _get () Magic Method
33:30
_set ()
36:23
_set () & the Magic Method
36:24
Using Getters & Setters
44:37
Coding Example: Using Getters & Setters
44:38
Homework Challenge
50:33
Homework Challenge: 1 - 6
50:34
Homework Challenge (cont.)
51:41
Homework Challenge: 7 - 12
51:42
Web Application Development

31m 12s

Intro
0:00
Version 8.0 Review
0:12
Version 8.0 Review
0:13
private Object Properties
1:15
private Object Properties
1:16
Coding Example
2:54
_toString() Methods
6:51
_toString() Methods
6:52
Coding Example
8:09
DataFile Class
13:27
DataFile Class & I/O Operations
13:28
Using DataFile Class: Instantiate a DataFile, DataFile open () Method, and DataFile close () Method
18:09
Homework Challenge
29:35
Homework Challenge
29:36
Classes vs. Objects

37m 49s

Intro
0:00
Lesson Overview
0:09
Lesson Overview
0:10
Class vs. Object Review
0:58
Class vs. Object Review
0:59
Static Properties
2:42
Static Properties
2:43
Scope Resolution Operator (::)
5:26
Scope Resolution Operator (::) & Static Property
5:27
Coding Example: Accessing a Static Property Using the Scope Resolution Operator
7:57
Coding Example: Accessing a Static Property in a Class Definition
10:33
Coding Example: Using a Static Property as an Instance Counter
14:18
Static Methods
18:51
Static Methods Overview
18:52
Coding Example: Static Methods
21:39
Classes vs. Objects
26:28
Classes vs. Objects: Diagrams
26:29
Class Constants
30:24
Class Constants Definition
30:25
Coding Example: Using Class Constants
31:55
Homework Challenge
34:01
Homework Challenge: 1 - 5
34:02
Homework Challenge (cont.)
35:25
Homework Challenge: 6 - 10
35:26
Web Application Development

21m 7s

Intro
0:00
Version 9.0 Overview
0:12
Version 9.0 Changes & Examples
0:13
Output Class
1:08
Output Class & Static Methods
1:09
outputHtmlSelector ( ) Method
2:43
outputItemSelector ( ) Method
4:53
outputDeptSelector ( ) Method
6:42
buildObject() Methods
11:54
buildObject() Methods & Examples
11:55
Exceptions

22m 43s

Intro
0:00
Lesson Overview
0:12
Lesson Overview
0:13
try Blocks
0:44
try Blocks Definition
0:45
catch Blocks
2:03
catch Blocks: Definition and Syntax
2:04
Coding Example: try/catch Blocks
3:48
When an Exception Object is Caught & Error Handling
5:59
Exception Class
7:02
Exception Class
7:03
Coding Example: Using try/catch to Catch an Exception Thrown from a Method
8:04
Re-Throwing Exceptions
16:39
Re-Throwing Exceptions
16:40
Coding Example: Re-throwing an Exception
17:21
Homework Challenge
20:40
Homework Challenge: 1 - 5
20:41
Homework Challenge (cont.)
22:17
Homework Challenge: 6
22:18
Web Application Development

22m

Intro
0:00
Version 10.0 Overview
0:11
Updating addItem.php, addItemToDept.php, and error.php
0:12
Updating DataFile Class: open ( ) Method & try/catch blocks
7:45
Version 10.1 Overview
13:37
Version 10.1 Changes & Examples
13:38
Updating DataFile Class: close ( ) Method & logWarning ( )
20:17
Cookies

39m 47s

Intro
0:00
Lesson Overview
0:09
Lesson Overview
0:10
What is a Cookie?
1:15
Definition of Cookie
1:16
HTTP - A Stateless Protocol
2:17
HTTP - A Stateless Protocol
2:18
Purpose of Cookies
4:10
Set - Cookie Header
6:21
Introduction to Set - Cookie Header
6:22
Coding Example: Set - Cookie Header
7:38
Cookie Header
9:45
Introduction to Cookie Header
9:46
Example: Cookie Header
10:27
setcookie()
12:33
Introduction to setcookie()
12:34
Example: Using setcookie
13:54
Cookies Attributes
15:48
Cookies Attributes Overview
15:49
Common Cookies Attributes: Domain
16:24
Common Cookies Attributes: Path
17:04
Common Cookies Attributes: Expires
19:34
Coding Example: Setting Cookie Attributes
20:58
$_COOKIE Superglobal
27:03
$_COOKIE Superglobal
27:04
Coding Example: Accessing Cookies from PHP Using $_COOKIE
29:45
Security Implications
34:44
Security Implications
34:45
Homework Challenge
36:10
Homework Challenge: 1 - 4
36:11
Homework Challenge (cont.)
37:47
Homework Challenge: 5 - 7
37:48
Web Application Development

39m 11s

Intro
0:00
Lesson Overview
0:17
Lesson Overview
0:18
instanceof Operator
1:34
instanceof Operator
1:35
Objects with Object Properties
2:53
Objects with Object Properties
2:54
Version 11.0 Overview
6:41
Version 11.0 Changes: Cart and CartItem Classes
6:42
Version 11.0 Coding Example
10:40
Version 11.1 Overview
31:03
Version 11.1 Changes & Examples
31:04
Introduction to Sessions

46m 8s

Intro
0:00
Lesson Overview
0:08
Lesson Overview
0:09
What is a Session?
0:53
What is a Session?
0:54
Client-Side Sessions
3:51
Client-Side Sessions
3:52
Server-Side Sessions
5:04
Server-Side Sessions
5:05
Session IDs
6:26
Session IDs
6:27
The SID is Used by the Server to:
7:08
A Client Passes an SID to the Server with Each HTTP Request Via:
8:15
Sessions in PHP
12:19
Sessions in PHP
12:20
session_start()
14:40
session_start() Overview
14:41
Coding Example: Using session_start () to Continue a Session
18:03
$_SESSION Superglobal
22:06
$_SESSION Superglobal Overview
22:07
Coding Example: Setting a Session Variable via $_SESSION
25:22
Accessing Session Data
28:08
Accessing Session Data
28:09
Deleting Session Data
31:43
Deleting Session Data
31:44
Coding Example: Deleting Session Data
32:16
Configuring PHP Sessions
36:14
session.cookie_lifetime, session.cookie_domain, and session.cookie_path
36:15
Coding Example: Configuring PHP Sessions
37:28
Configuring PHP Sessions (cont.)
40:56
session.use_cookies, session.use_trans_sid, and session.use_only_cookies
40:57
Coding Example: Configuring PHP Sessions
42:25
Homework Challenge
42:55
Homework Challenge: 1 - 5
42:56
Homework Challenge (cont.)
44:10
Homework Challenge: 6 - 10
44:11
Homework Challenge (cont.)
45:27
Homework Challenge: 11 - 13
45:28
Web Application Development

11m

Intro
0:00
Version 12.0 Overview
0:12
Version 12.0 Changes Part I: Updating 'viewCart.php' & 'checkout.php'
0:13
Version 12.0 Changes Part II
5:03
Destroying Sessions

29m 59s

Intro
0:00
Lesson Overview
0:12
Lesson Overview
0:13
Destroying Sessions
1:02
Destroying Sessions
1:03
session_destroy()
2:10
session_destroy() Overview
2:11
Coding Example: Setting a Session Variable and Destroying a Session
3:18
Deleting Session Cookies
8:38
Deleting Session Cookies
8:39
Coding example: Deleting Session Cookies
9:17
Review of Steps
21:07
Review of Steps
21:08
Garbage Collection
21:50
Garbage Collection Overview
21:51
Coding Example: Garbage Collection
24:30
Homework Challenge
26:28
Homework Challenge: 1 - 4
26:29
Homework Challenge (cont.)
28:16
Homework Challenge: 5 - 9
28:17
Web Application Development

19m 14s

Intro
0:00
Lesson Overview
0:13
Lesson Overview
0:14
_autoload()
0:46
Introduction to _autoload ()
0:47
Version 13.0 Overview
4:06
_autoload () and SessionManager Class
4:07
Updating 'viewCart.php' & 'checkout.php'
11:16
Introduction to Databases

21m 24s

Intro
0:00
Lesson Overview
0:16
Lesson Overview
0:17
Flat Files
1:09
Flat Files: Definition and Example
1:10
Problems Associated with Using Flat Files as a Database
2:15
Relational Databases
3:29
Relational Databases
3:30
Relational Database Management System (RDBMS)
3:50
Tables
7:43
Tables
7:44
Columns
9:24
Columns
9:25
What is SQL?
10:45
Introduction to Structured Query Language
10:46
Standard Data Types of SQL
12:23
Primary Keys
13:19
Primary Keys
13:20
Primary Key Examples
16:36
Primary Key Examples
16:37
Introduction to MySQL

28m 11s

Intro
0:00
Lesson Overview
0:11
Lesson Overview
0:12
What is MySQL?
1:33
MySQL
1:34
MySQL Monitor
5:16
MySQL Monitor Overview
5:17
XAMPP & MySQL
5:58
In the MySQL Command: hostname, username and -p
7:05
Connecting to a MySQl Server
9:52
Connecting to a MySQl Server
9:53
Using MySQl Monitor
13:48
Using MySQl Monitor
13:49
GRANT Command
15:10
GRANT SQL Command
15:11
Privileges & Objects
18:18
Username, Hostname, and Password
19:37
Specifying Objects
20:05
Creating a PHP User Account
21:41
Creating a PHP User Account Overview
21:42
Meaning of all & *.*
23:35
Example: Creating a PHP User Account
23:48
Required Homework
26:27
Required Homework: 1 - 5
26:28
Required Homework (cont.)
27:28
Required Homework: 6
27:29
Creating Databases & Tables

23m 1s

Intro
0:00
Lesson Overview
0:08
Lesson Overview
0:09
Creating a Database
1:40
Introduction to Creating a Database
1:41
Example: Creating a Database
3:33
CREATE TABLE Command
6:43
CREATE TABLE Command
6:44
Data Types
7:39
Numeric Data Types: INT, INT UNSIGNED, and DECIMAL
7:40
String Data Types: CHAR (M), VARCHAR (M), and TEXT
9:23
Colum Attributes
11:00
PRIMARY KEY Attribute
11:01
AUTO INCREMENT Attribute
11:35
Items Table
13:07
Items Table
13:08
Useful Commands
17:04
SHOW TABLES Command & DESCRIBE Utility Statement
17:05
Example: Creating an Items Table
17:58
Required Homework
20:51
Required Homework: 1 - 6
20:52
Required Homework (cont.)
21:55
Required Homework: 7 - 9
21:56
SQL Command: INSERT

27m 11s

Intro
0:00
Lesson Overview
0:11
Lesson Overview
0:12
INSERT Command
1:20
SQL INSERT Command
1:21
Specifying Values
3:16
Columns with Numeric Data Types
3:17
Columns with String Data Types
3:34
Columns with AUTO INCREMENT
4:07
Inserting Items
5:21
Inserting Items
5:22
Example: Inserting Items
7:03
SQL Text Files
14:04
SQL Monitor Client
14:05
MySQL Monitor & the < Operator
15:15
Example
17:35
Required Homework
22:32
Required Homework: 1 - 6
22:33
Required Homework (cont.)
24:19
Required Homework: 7 - 10
24:20
SQL Command: SELECT

24m 57s

Intro
0:00
Lesson Overview
0:10
Lesson Overview
0:11
SELECT Command
0:42
SELECT Command: Definition and Syntax
0:43
Results of a SELECT Query
1:53
To Specify the Retrieval of All Columns from a Table
3:06
Example: SELECT Command
4:18
WHERE Clause
7:11
WHERE Clause
7:12
A SELECT Query with WHERE Clause has the Following Syntax
8:10
A Where Condition can Contain both Logical and Comparison Operators
9:44
Literal Values
13:24
Literal Values
13:25
Example: Literal Values
14:18
ORDER BY Clause
15:31
ORDER BY Clause & SELECT Query
15:32
Ascending and Descending Order
17:30
An ORDER BY Clause can Specify Multiple Columns to Order the Rows by
18:01
Example: SELECT Query with WHERE and ORDER BY Clause
20:32
Homework Challenge
21:59
Homework Challenge
22:00
Homework Challenge (cont.)
23:54
Homework Challenge
23:55
Using PHP from MySQL

32m 43s

Intro
0:00
Lesson Overview
0:10
Lesson Overview
0:11
PHP/MySQL Architecture
0:56
PHP/MySQL Architecture
0:57
MySQLi Extension
3:05
MySQLi Extension
3:06
Steps to Using MySQL from PHP
5:53
Four Steps to Using MySQL from PHP
5:54
Step # 3
7:18
Connecting to a Database
8:12
To Connect to a MySQL Database
8:13
To Test for Connection Errors
10:20
Running an SQL Statement
11:54
Running an SQL Statement
11:55
Example
13:30
Processing the Results
15:58
For non-SELECT Queries
15:59
MySQLi Object Property: affected_rows
16:19
For INSERT Statements on Tables with an AUTO_INCREMENT Column
18:07
Closing the Connection
19:45
Closing the Connection
19:46
Coding Example
21:24
Coding Example: Using MySQL from PHP
21:25
Homework Challenge
29:00
Homework Challenge: 1 - 4
29:01
Homework Challenge (cont.)
31:10
Homework Challenge: 5 - 9
31:11
Web Application Development

30m 30s

Intro
0:00
Lesson Overview
0:14
Lesson Overview
0:15
sprintf()
1:28
sprintf() Overview
1:29
Example
1:56
INSERT Statements with sprintf()
5:15
INSERT Statements with sprintf()
5:16
Version 14.0 Overview
10:00
Version 14.0 Changes & Examples Part 1
10:01
Version 14.0 Changes & Examples Part 2
21:58
SELECT QUERIES from PHP

24m 22s

Intro
0:00
Lesson Overview
0:14
Lesson Overview
0:15
SELECT Queries
1:21
SELECT Queries
1:22
MySQLi_Result Class
3:17
MySQLi_Result Class: num_rows
3:18
MySQLi_Result Class: fetch_assoc ( ) and fetch_object ( )
3:59
fetch_assoc()
5:17
fetch_assoc() Overview
5:18
Coding Example: Using fetch_assoc()
9:00
stdClass Objects
12:46
stdClass Objects
12:47
fetch_object()
14:19
fetch_object() Overview
14:20
Coding Example: Using fetch_object()
16:45
Freeing Result Set Memory
18:42
Freeing Result Set Memory
18:43
Coding Example: Using free ( )
20:01
Homework Challenge
22:07
Homework Challenge: 1 - 5
22:08
Web Application Development

17m 6s

Intro
0:00
Version 15.0 Overview
0:13
Version 15.0 Changes & Examples Part 1
0:14
Version 15.0 Changes & Examples Part 2
8:43
Linking Tables

24m 32s

Intro
0:00
Lesson Overview
0:16
Lesson Overview
0:17
A Departments Table
1:08
Departments Table
1:09
How Could We Model This in a Table: Option 1
1:26
How Could We Model This in a Table: Option 2
3:12
Database Normalization
4:37
Database Normalization
4:38
Foreign Keys
8:47
Foreign Keys
8:48
Linking Table
11:26
Linking Table
11:27
Multiple Column Primary Keys
15:30
Multiple Column Primary Keys
15:31
Example
18:51
Required Homework
22:34
Required Homework: 1 - 3
22:35
Required Homework (cont.)
24:10
Required Homework: 4
24:11
Web Application Development

24m

Intro
0:00
Version 16.0 Overview
0:11
Version 16.0 Changes
0:12
Version 16.0 Coding Examples
4:12
Version 16.0 (cont.)
18:30
Version 16.0 Changes & Examples Part 2
18:31
SQL Command: DELETE

10m 33s

Intro
0:00
Lesson Overview
0:12
Lesson Overview
0:13
DELETE Statement
0:30
DELETE Statement & Its WHERE Clause
0:31
Delete All Rows From a Table
2:57
Using DELETE from PHP
4:04
Using DELETE from PHP Overview
4:05
Coding Example: Using DELETE from PHP
6:37
Homework Challenge
8:53
Homework Challenge: 1 - 4
8:54
Web Application Development

16m 2s

Intro
0:00
Version 17.0 Overview
0:11
Version 17.0 Changes
0:12
Version 17.0 Coding Example
2:51
Transactions
12:50
Database Transaction
12:51
Steps in Using Transactions
14:00
SQL Command: UPDATE

32m 14s

Intro
0:00
Lesson Overview
0:10
Lesson Overview
0:11
UPDATE Statement
0:54
UPDATE Statement & Its WHERE Clause
0:55
Example: UPDATE Statement
3:32
Using UPDATE from PHP
5:21
Using UPDATE from PHP Overview
5:22
Coding Example: Using UPDATE from PHP
6:53
htmlspecialchars()
9:04
htmlspecialchars()
9:05
Encoding Special Characters
9:23
Coding Example: htmlspecialchars()
13:41
addslashes()
20:40
addslashes()
20:41
Coding Example: addslashes()
22:52
Homework Challenge
27:55
Homework Challenge: 1 - 2
27:56
Homework Challenge (cont.)
30:14
Homework Challenge: 3 - 5
30:15
Homework Challenge (cont.)
30:41
Homework Challenge: 6 - 9
30:42
Web Application Development

12m 33s

Intro
0:00
Version 18.0 Overview
0:12
Version 18.0 Changes
0:13
Version 18.0 Coding Example
1:24
SQL: Joins

42m 16s

Intro
0:00
Lesson Overview
0:11
Lesson Overview
0:12
DATETIME Data Type
1:52
DATETIME Data Type
1:53
Modeling Orders
5:12
Modeling Orders
5:13
Customers Table
10:46
Customers Table
10:47
Example
16:18
Example: Order Table in MySQL
16:19
Joins
22:26
Joins Overview
22:27
Inner Join
23:09
Example: Joins
24:11
Join Conditions
28:14
Join Conditions
28:15
Example
28:32
Join Queries
30:00
Example: Join Conditions in MySQL
30:36
Implicit Joins
34:42
Implicit Joins
34:43
Example: Implicit Joins
35:57
Aliases
37:28
Introduction to Aliases
37:29
Example: Aliases
38:55
Required Homework
40:32
Problem 1
40:33
Problem 2
41:01
Problem 3
41:17
Web Application Development

29m 34s

Intro
0:00
Lesson Overview
0:12
Lesson Overview
0:13
Inserting Orders
0:44
Inserting Orders
0:45
Version 19.0 Overview
3:45
Version 19.0 Changes & Example Part 1
3:46
Version 19.0 Changes & Example Part 2
13:18
Version 19.1 Overview
21:10
Version 19.1 Changes
21:11
Version 19.1 Coding Example
22:18
User Authentication

26m 13s

Intro
0:00
Lesson Overview
0:10
Lesson Overview
0:11
User Authentication
1:31
User Authentication
1:32
Authentication with Sessions
2:34
Authentication with Sessions
2:35
Four Steps in Authentication via Sessions
2:50
Using Sessions to Restrict Access
3:58
Using Sessions to Restrict Access
3:59
Coding Example: Restricted Access Area
4:47
Authentication Methods
5:54
Authentication Methods Overview
5:55
Coding Example: Authentication Methods
7:31
Logging Out
9:57
Logging Out
9:58
Coding Example: Log Out
10:47
Users Table
13:50
Users Table
13:51
Example: Creating a Users Table
15:08
Password Hashing
17:30
Password Hashing
17:31
PHP and MySQL Built-in Hash Functions: sha1 ( ) and md5 ( )
18:43
Coding Example: Password Hashing
19:27
Required Homework
24:41
Required Homework: 1 - 4
24:42
Web Application Development

14m 36s

Intro
0:00
Version 20.0 Overview
0:13
Version 20.0 Changes & Examples Part 1
0:14
Version 20.0 Changes & Examples Part 2
5:05
Version 20.0 Changes & Examples Part 3
7:29
Version 20.0 (cont.)
8:31
Version 20.0 Changes & Examples Part 4
8:32
Loading...
This is a quick preview of the lesson. For full access, please Log In or Sign up.
For more information, please see full course syllabus of Advanced PHP
Bookmark & Share Embed

Share this knowledge with your friends!

Copy & Paste this embed code into your website’s HTML

Please ensure that your website editor is in text mode when you paste the code.
(In Wordpress, the mode button is on the top right corner.)
  ×
  • - Allow users to view the embedded video in full-size.
Since this lesson is not free, only the preview will appear on your website.
  • Discussion

  • Study Guides

  • Download Lecture Slides

  • Table of Contents

  • Transcription

  • Related Services

Start Learning Now

Our free lessons will get you started (Adobe Flash® required).
Get immediate access to our entire library.

Sign up for Educator.com

Membership Overview

  • Unlimited access to our entire library of courses.
  • Search and jump to exactly what you want to learn.
  • *Ask questions and get answers from the community and our teachers!
  • Practice questions with step-by-step solutions.
  • Download lesson files for programming and software training practice.
  • Track your course viewing progress.
  • Download lecture slides for taking notes.
  • Learn at your own pace... anytime, anywhere!

User Authentication

  • User authentication is the process of validating the identity of a user. It is often used on the web to restrict certain content and/or services to user’s based on their identity.
  • PHP’s built-in session functionality can be used to provide a means of ensuring a user is authenticated and is thus allowed to access particular web content.
  • The steps involved in one method of authentication via sessions is:
    1. Authenticate a user (various methods available)
    2. Begin a session
    3. Set specific session data signifying a user is authenticated
    4. Verify the existence of the specific session data on each page before providing any content requiring authentication
  • In order to logout an authenticated user, you simply destroy a user’s session and any data associated with it.
  • A common method used to store passwords is not to store the plaintext password, but rather a hash of the password.
  • A hash is a seemingly random string of characters generated by a hash function from a password string according to a specified algorithm.
  • Hash functions have the feature that they will always return the same hash string for a particular password string.
  • PHP provides several built-in hash functions, such as:
    • sha1() – generates a 40-character hash
    • md5() – generates a 32-character hash
  • MySQL provides SHA1() & MD5() functions for use in queries as well.
  • Additional Resources:

User Authentication

Lecture Slides are screen-captured images of important points in the lecture. Students can download and print out these lecture slide images to do practice problems as well as take notes while watching the lecture.

  • Intro 0:00
  • Lesson Overview 0:10
    • Lesson Overview
  • User Authentication 1:31
    • User Authentication
  • Authentication with Sessions 2:34
    • Authentication with Sessions
    • Four Steps in Authentication via Sessions
  • Using Sessions to Restrict Access 3:58
    • Using Sessions to Restrict Access
    • Coding Example: Restricted Access Area
  • Authentication Methods 5:54
    • Authentication Methods Overview
    • Coding Example: Authentication Methods
  • Logging Out 9:57
    • Logging Out
    • Coding Example: Log Out
  • Users Table 13:50
    • Users Table
    • Example: Creating a Users Table
  • Password Hashing 17:30
    • Password Hashing
    • PHP and MySQL Built-in Hash Functions: sha1 ( ) and md5 ( )
    • Coding Example: Password Hashing
  • Required Homework 24:41
    • Required Homework: 1 - 4

Transcription: User Authentication

Hello again, and welcome back to Educator.com's Advanced PHP with MySQL course.0000

In today's lesson, we are going to be covering our last topic of this course, which is on user authentication.0005

We are going to be talking about what user authentication actually is--what it means.0011

And we are going to talk about how to implement an authentication scheme in PHP, using sessions.0016

We are going to talk about different authentication methods that are available.0026

We are going to talk about that, after a user has been authenticated, and they have been (for example) logged into the admin website0032

and used it, and they want to log out--we are going to talk about that process.0038

And then, we are going to talk about setting up our database, so that we can add, in our final lesson, user authentication to our admin website.0042

So, right now, we have been having the ability to add items, view orders, update items in the store, update departments, and so forth.0052

Well, now, in our next lesson, we are going to add what you would expect for an administrator site like that.0059

We are going to add a way to log in with a username and password.0065

So, in this lesson, we are going to talk about setting up a table called Users,0069

which is going to contain information about user accounts, to be able to log in to that.0074

Related to that topic, we are going to talk about a concept called password hashing, or just hashing in general.0078

And then, we are going to go over required homework, which is going to have you set up this Users database for our final web application development lesson.0084

User authentication is used to validate the identity of a user.0093

When someone comes to your admin website and they want to add an item to the store, you want to make sure that they are the appropriate person.0098

Authentication on the Web is often used to restrict certain content (maybe you have a members-only area) and/or services.0107

For our admin website, we would only want certain people (maybe in our organization) to be able to add items to the store.0118

Authentication is a way to restrict the ability to do these different things.0126

And the most common authentication scheme (which I am sure all of you are familiar with) is to have a user provide0133

a username and password combination that uniquely identifies that user, and is a basis for saying, "This is who I am."0138

And then, after that authentication test is passed, then they get access to whatever services or content you would like to provide them.0146

What you can do in PHP is: we know about the built-in session functionality; and we can use that as a means0156

to provide restricted access to our pages (for example, provide restricted access to our admin website).0162

And the way you do that is: you go through a couple of different steps.0171

The first step would be that you would authenticate a user.0175

So, you would have a form where they would log in with their username and password, for example.0178

And when you do that, it would start a session.0183

And there are various methods that you can do to authenticate a user; we are not going to get into that just this second.0186

We are going to talk more about the session-related part of it.0191

So, let's say a user logs in, and they are authenticated; we verify that they are who they are.0194

Then, what we can do is begin a session, and then set a session variable to...maybe we have a session variable called authenticated.0199

And then, on every page that we want to restrict access to, we can just provide a test on those particular pages0207

that verifies that this particular piece of session data is available in their session,0215

because what we are saying is that they are authenticated;0223

they were able to create a session; they were able to create that session variable.0226

If, when they go to a page, they are able to access that session, that implies that they were able to successfully log in.0229

As mentioned, what you do on your particular page that you want to restrict access to is just test for the existence of a particular session variable.0241

Because, when a user is authenticated, a session gets started, and then a known variable is set;0250

what is going to happen, as we know, assuming we are using cookie-based sessions:0257

every time a user visits a restricted page (for example) they are going to pass along their session cookie.0261

That session cookie is going to give them access to session data.0266

If they have appropriately logged in, that session data will contain this variable that we are going to use as a means for authenticating.0270

So, as long as that variable is set, then we can say, "OK, you have been authenticated; we are going to give you access to this particular page."0278

If we look at this first example script for this lecture, called restrictedAccess.php, it is a page where we want to restrict access to only authenticated users.0288

So, at the beginning of the page, we start a session (or continue a session).0299

And then, we perform a simple test on the session variable authenticated.0303

And we are going to use that as our variable to test if a user has been logged in or not.0308

And so, we are running isset on the session variable authenticated.0313

If isset is true, then the authenticated variable is going to be true; if not, it is going to be false.0319

Then, in our content area, if the user is authenticated (meaning authenticated is true), we are going to output a welcome message.0323

If not, we are going to say, "You must be logged in to view this content."0330

Well, this portion of our web application (or this lecture example) doesn't have a login screen.0335

So, every time we go to this restricted access page, we are not going to be able to view that content.0338

So, if we go to version 1, and we click on Restricted Access, we are going to get 'You must be logged in to view this content.'0343

We are going to show, in a second, how to add the login form, so that you are able to see that.0349

There are a number of different ways to authenticate users.0356

You can have things like web server authentication, or you might use Apache to allow users to access different sites.0359

Another method you can do is: you can have a PHP script that a user posts, or sends GET parameters to, with a username and password.0367

And maybe those usernames and passwords are hard-coded into the script,0376

and it can just look it up and say, "OK, the username and password...if they are both this, then we will give them access to it."0379

It is not a particularly secure example, but that is one way that you could do it.0384

Another thing that you could do is: we know how to access files in PHP.0389

So, maybe a user could post a username and password to a script.0393

That script will go ahead and look them up in the file system that contains username and password combinations, and see if that exists.0396

If so, it will authenticate the user.0403

What we are going to be using for our web application: because this course is about MySQL and PHP web development,0405

we are going to store our username and password data in a database.0411

So, when we authenticate a user, we are going to be running a query on the database0415

and saying, "Does this username and password combination exist?"0419

So, we are going to be doing that against a Users table; and we are going to be implementing that in our next web application development lesson.0422

And we are going to talk a little bit more about the Users table, coming up.0431

But as far as just learning how these authentication methods...0434

We are going to implement, in this lecture example, a simple authentication method where it just checks a password--0440

that it is equal to a hard-coded value--in order to show how we can set that session variable, so that we can see the restricted access page.0445

For example, in our version 2 of our lecture example, there are two pages now.0452

We have restrictedAccess, which is going to say, "You must be logged in to view this content."0461

We haven't logged in yet; so if we click here, it takes us to a new page that we have created, called login.0464

And what we have is: we have a login script that accepts two POST variables, username and password.0469

And what it does is: it also starts a session at the beginning, because we are using sessions to control our authentication.0478

All it does is just checks that the password is equal to a hard-coded value (in this particular case, 'password').0485

So, as long as the username provides a password equal to 'password,' we are going to say, "OK, you are authenticated."0491

The way that we are going to do that is: we are going to set that authenticated session variable.0496

In this case, we are setting it equal to true.0501

It doesn't really matter what value we set it to, because all we are testing for is its existence.0503

We go ahead and set the authenticated session variable to true.0509

And then, we are going to redirect the user, after they have logged in to that restricted access page.0512

What is going to happen is: the session has been created, assuming they provided the password equal to 'password.'0517

They created the authenticated session variable; they are redirected to restrictedAccess.php,0523

which, at the beginning, opens a session and tests to see if that variable is set.0529

Since it is now going to be set, when the user is forwarded to this page, it is going to check if it is authenticated.0534

Now, you are going to be authenticated, and you are going to get the Welcome message,0543

as opposed to saying that you are not allowed to see the restricted data.0546

In our login page, it doesn't really matter what username we put in, because all we are checking for, in this particular case, is a password.0552

I'm entering the password 'password,' and if you notice, here, it is covered up by these black dots,0560

but you have seen it, for sure, in a web application you have gone to; and that is just a special type of input field called password.0567

It doesn't actually encrypt the password, but it is something so, if somebody is looking over your shoulder, they can't see it.0574

If I go ahead and click Log In, what it is: it went ahead and validated that I provided the password 'password.'0579

It created the session variable, redirected me to restricted access, and it says, "You are now in the restricted area; welcome!"0588

The other process that involves authenticating the user is: what do you do when the user is done with the session?0600

We have all been to websites where you log in; you perform some actions; and then you log out.0605

So, that way somebody else that comes in to the computer can't just go up and have access to your data.0610

If they wanted to do that, they would have to re-log in, which would be to re-authenticate.0617

We are going to...the logout procedure is cancelling an authentication, and the way that you can do that is by simply destroying a user's session.0623

And the reason that that works is that the test that we are using on our restricted pages is just to test for the existence of a particular session variable.0632

If that user's session has been destroyed, that variable is no longer going to exist, so they are not going to get access to those pages anymore.0641

If we look at a new version of this lecture example, version 3 (let me just clear any cookies that we have),0649

if we try to go to the restrictedAccess page, it will say, "You must be logged in; click here to log in."0665

This script works the same as in the last example; as long as 'password' is provided as the password, it is going to log you in.0672

It is going to say you are welcome to the restricted area.0681

And now, it is going to have a button that is just going to go to logout.php.0683

Well, all logout.php does is destroys our session.0687

And if we look at logout.php, we can see that it starts the session, and it goes through the four-step process0690

that we talked about when we learned about destroying sessions, in a previous lesson.0697

It starts a session; it goes ahead and deletes all the session variables by setting SESSION equal to the empty array.0701

It goes ahead and deletes the session cookie.0708

It does that by using the setCookie function and setting it to a time in the past.0712

Then, it calls the session_destroy method, which, after the script is over, is going to delete all of that session data on the server.0719

Because we have destroyed...and this is actually one of the reasons why, when we learned about destroying sessions,0724

we set the session variable equal to the empty array--because, when we call the session_destroy,0729

that doesn't actually destroy the session data until after the script has ended.0738

If we were to leave out this deletion of the session variables up here, now we have a test to see if the user is authenticated or not.0743

If we hadn't deleted it, this would still show up as "the user is authenticated."0755

So, we have gone ahead and set it to the empty array, so the user is no longer authenticated.0760

In this particular case, authenticated is going to evaluate to false.0766

And then, we say, "As long as 'the user is authenticated' is false, that means the user was successfully logged out."0769

We have output a message that was logout; if not, we are going to say, "There was an error logging you out."0775

And that would happen, for example, if we had this commented out.0780

When we click on this link to logout.php, it is going to go ahead and destroy the session.0785

Let me bring up Firebug, so you can see the deletion of the cookie.0791

Click here to log out; you are successfully logged out.0798

We can see that it has a setCookie method that deletes that PHPSESSID cookie.0802

Now, because we are logged out, just to verify, let's say we tried to go to restrictedAccess.php again.0809

When we try to do that, it is going to try to access that session variable, authenticated, which no longer exists, because our session is destroyed.0817

And we are going to get the message that says, "You must be logged in to view the content."0823

And so, that is how the logout works.0826

The way we are going to authenticate--now that we have learned about how authentication works and how to use it during sessions--0831

we are going to talk about the authentication method that we are going to use for our web application,0837

which is to use authentication from a MySQL database.0841

We are going to be creating a table called Users, and it stores information about admin users for our administrative website.0844

It is going to be defined by this SQL statement here.0851

It is going to have four different columns: one for username, one for password, one for firstName and lastName.0854

So, we are going to allow it to set the first name and last name of a user, and then the username and password that they are going to log in as.0861

We have noted the username as the primary key, and you will notice that is not an auto-incremented integer column, like we have been using.0866

And we could denote it as a primary key, because we want to have a usernames be unique for our admin users.0873

And so, we can denote that as a primary key.0881

So, if somebody tries to create an account for a username that already exists, they are not going to be able to do that.0882

Now, one thing to note is that this is set as a VARCHAR, which means it can have a username up to 20 characters in length.0888

These are variable-length strings for firstName and lastName.0894

However, for password, we have set it to a fixed-length string of 40.0897

And we are going to talk about that in the next slide.0900

And the reason for that is that we are going to use that to store our password.0902

And we are going to be storing it in a special format.0906

Let's go ahead and create this Users table: I'm just going to type the CREATE TABLE statement.0909

Our primary key is going to be username, which is going to be a VARCHAR that (to review) is 20 characters in length.0922

So, it can be a 20-character username.0934

A password: as mentioned, it is going to be a fixed-length field of 40 characters--we are going to see why in a second.0941

firstName: we are going to allow them to have up to 15 characters for their first name0948

(let's double-check that), and then 20 characters for their last name.0953

So now, we have created our Users table.0964

And that is what the structure of the table looks like.0975

Let's say we want to add a user to our database.0977

So, INSERT INTO Users VALUES...we are going to provide a username jsmith, and we are going to have him use the password...0983

in this particular case, let's just say 'password'...well, let's pick something more unique: maybe his wife's name will be his password--jenny.0996

His name will be firstName Joe, lastName Smith; we can insert that into the table.1008

Now, when we view the content of our Users table, we can see that we have a user named Joe Smith: password jenny, firstName Joe, lastName Smith.1016

Well, as you can see, our password here is stored in plain text, meaning anybody that can view our database can view everybody's password.1028

So, they would be able to have access to their account, and that is a security risk.1036

So, what we are going to talk about in our next slide is how to obscure that, so that anybody that looks at the database--1040

if the database were to be compromised, they wouldn't be able to find out everybody's username.1045

And the way we are going to do that is through a method known as hashing.1051

And what it is: a hash is essentially a random string of characters that is generated by a function.1055

What you do is pass a password to a hash function.1066

It runs some algorithm, and that algorithm will generate a random string.1069

The feature of a hash function is that, every time you pass it the same string, it is always going to generate the same output.1074

So, what we can do is: when a user creates a password, we can run a hash function1081

that is going to generate the same key for that password every time it is entered.1087

We store the hash in the database, which is going to be random strings; it is going to be this long, ugly-looking string.1091

And then, the way we would authenticate our user is: when they type in their password,1098

we run the hash function on the plain text password they entered, and then compare the two hashes,1101

because we know that the hash is always going to be the same for the same username.1107

And the other thing about the hash is that they are generally unique; it is very hard to have two strings that would generate the same hash.1111

So, the chances of two passwords having the same hash value is very unlikely.1119

Well, PHP provides two built-in hash functions that use two different algorithms.1124

One is called sha1, and what that does is generates a hash of 40 characters in length.1129

And there is an md5 hash, which generates a 32-character hash string.1134

We are going to be using the more secure sha1 to do that.1141

And so, when we have our PHP code (and we are going to see this in our next web application lesson),1147

when we insert a user, we are going to be running this sha1 function in PHP on whatever password string the user provided.1154

And it is going to generate the hash.1164

We have a script here called hashExamples.php that shows as we are running the sha1 function on the string 'password.'1168

And then, we are also running the md5 hash function on the word 'password' so you can see what a hash looks like.1180

When we run this particular script, we can see that they generate these really difficult strings that would be hard for somebody to look at and remember.1188

So, for sha1, it generates a 40-character string, and this is what it looks like for password.1205

And it does that every time you pass the password.1211

The md5 hash function generates a 32-character string that looks like this.1213

And so, that is what we are going to be storing in our database.1217

Now, what MySQL does is: they have analogs of those functions.1222

They have a function built in called sha1 and md5 that do the same exact thing.1226

Because these are defined algorithms, the sha1 function for MySQL is going to generate the same hash value for a password as the sha1 in PHP does.1232

For example, one of the things you can do in MySQL (if we haven't talked about it) is that you can just run some functions.1244

So, if we run sha1 on the string 'password,' we can see that it generates the string 5baa61e4.1252

Well, if we look back at our hash example: 5baa61e4, and so on; so, it generates the same password.1266

What we are going to do to get an initial account set up in our Users table is: we are going to add an admin account.1273

So right now, we can see that we have this one user in our database called Joe Smith,1282

which we are actually going to delete, because it is insecure with the password the way that it is.1288

We can see that there are no more users in that database.1295

And now, we are going to insert an admin account into the Users table.1298

We are going to have the username be admin; we are going to have the password be the empty string.1310

That is not necessarily a secure thing, but we are going to use it to be able to get our account set up.1317

We will use this to initially log into our (now it's going to be) authentication-protected admin site, to create new accounts.1327

And then, we can get rid of this account.1336

And the way we do that is: we are going to run the sha1 function on the empty string password.1337

We are going to call the user...we will give it the firstName site, for example, and the lastName administrator.1345

It looks like I had an error in the code.1358

And now, when we run a SELECT query on Users, we can see: we have an admin user, firstName site, lastName administrator.1366

And we can see that their password is this 40-character hash that is quite ugly.1373

So, anybody looking at the database won't be able to just look and see, "OK, the admin's username is admin" or "the empty string."1377

And that is why we made this field equal to 40 characters long--because that sha1 function returns a 40-character string.1385

Oh, and one other thing: just to validate that our admin account works, what we can do is:1394

we can run a SELECT query on this Users table, which is what we are going to be doing our web application to validate a user,1404

and say, "Does a user exist with the username admin and the password equal to the empty string?"1409

And if it returns a row, that means yes.1416

And the way that we are going to do that is: we are going to say,1418

"Select all of the columns from the Users table," and then we are going to provide a WHERE clause:1421

"where username equals," in this particular case, "admin, and password equals"1429

not the empty string, but equals the sha1 hash of the empty string.1439

And if we run that, we see that we get one row.1452

If we had just run it with the password equal to the empty string, we are going to get empty set, and we are not going to see that it is used.1455

Now, here we have used the sha1 within our SQL query; we are actually going to be calculating it in our PHP statement.1462

So, when we run this query, this sha1 function is going to be replaced with the hash generated by the sha1 function in PHP.1470

For the required homework for this: it is just to get that Users table set up for use in our last web development application lesson.1482

Just create the Users table, as we had demonstrated in this lecture, with the different fields that we provided.1490

Make sure that the password column is a fixed-length character string of length 40,1495

because we are going to be using the sha1 function in PHP to generate our password hashes.1502

And then, go ahead, like we did, and generate an administrator count with the username admin, and a password equal to the empty string.1507

You can call it whatever you want; you can put your name, if you need to.1514

You are going to need to use the sha1 function that MySQL provides to be able to create that hash,1518

because if you just said, "Run the INSERT statement with just the empty string,"1524

it is not going to generate that hash, and you will actually have the empty string showing up in your database.1528

So, make sure you use this function.1534

And also, the password is just the empty string, but the value that you are going to be storing1537

in that password field is going to be the sha1 output of the empty string.1542

So, it is going to be that 40-character hash.1546

And then, like we did, run a SELECT query on this new admin account that you created,1548

to verify that you can retrieve that row, using the username admin and password empty string.1555

And so, you are going to be running the query, just like we did here.1561

And that is going to verify that everything is set up and works correctly.1564

That ends today's lesson; thank you for watching Educator.com, and I look forward to seeing you next time.1569

Educator®

Please sign in to participate in this lecture discussion.

Resetting Your Password?
OR

Start Learning Now

Our free lessons will get you started (Adobe Flash® required).
Get immediate access to our entire library.

Membership Overview

  • Available 24/7. Unlimited Access to Our Entire Library.
  • Search and jump to exactly what you want to learn.
  • *Ask questions and get answers from the community and our teachers!
  • Practice questions with step-by-step solutions.
  • Download lecture slides for taking notes.
  • Track your course viewing progress.
  • Accessible anytime, anywhere with our Android and iOS apps.