Generating name & password

**george-** · 02-15-2009, 06:19 PM

Hi,

Just wondering if anyone could help me out with this bit of code. The code is generating 10 random upper and lower case letters which I am using as a username and password.

Basically, I have the following code:

Code:

<?php
		/*
		 *		Generate Username and Password.
		 */
	$password ="";
	$username="";
	
	for ($i = 0; $i < 10; $i++) 
	{
	   $r = rand(0,1);
 	   $c = ($r==0)? rand(65,90) : rand(97,122);
 	   $password .= chr($c);
	}
	
	for ($i = 0; $i < 10; $i++) 
	{
	   $r = rand(0,1);
 	   $c = ($r==0)? rand(65,90) : rand(97,122);
 	   $username .= chr($c);
	}
?>

The username and password is then echoed in a table for the user. I have a little problem with it though. Each time the page is refreshed, it changes. I completely expected that to happen, but I want it to generate these two lines only ONCE.

I thought if I copied $username and $password variables into another set of variables and print those to the user instead, it may work. However, it doesn't work and it still changes on page refresh because the whole thing is being executed again.

Anyone know how I might go about doing it?

Thanks.

**Schmoopy** · 02-15-2009, 10:08 PM

Here's my solution, using session variables to check if the user and password variables have been created, if they haven't then it gives the user a new user and password and if it has it stays the same.

This probably isn't the best solution, and my code probably isn't up to Twey's standards (

) but I gave it a go:

PHP Code:


<?php
session_start();
?>
<html>

<head>
<title>User / Pass Generator</title>
</head>

<body>

<?php

        /*
         *        Generate Username and Password.
         */

function generate($string) // Just made it a function to reduce code
{
    $output = ""; // Initialise output variable so it can be added to
    if(!isset($_SESSION['user']) || !isset($_SESSION['pass']))
    {
    $_SESSION['user'] = ""; // Create user / password session variables if not already initialised
    $_SESSION['pass'] = "";
    }
    
    for($i = 0; $i < 10; $i++)
    {
        $r = rand(0,1);
        $c = ($r==0)? rand(65,90) : rand(97,122); 
        if (strlen($_SESSION[$string]) < 10) 
        // Add to the string if a password / username has not already been generated (Less than 10 characters long)
        $_SESSION[$string] .= chr($c);
        $output .= chr($c);
    }
    return $output; // Return the output out of the for loop
}

$user = generate('user');
$pass = generate('pass');
    
    echo "Username: " . $user . "<br />";
    echo "Password: " . $pass . "<p></p>";
    
    echo "Saved Username: " . $_SESSION['user'] . "<br />"; 
    echo "Saved Password: " . $_SESSION['pass'] . "<br />"; 
    
    
?>

</body>

</html>

It outputs the values of the session variables as well as the non saved password / username variables. To show that one changes while the other doesn't

I've tested it on my local server and it seemed to work fine so just say if you don't understand any of it or it isn't working for you.

Good luck!

**george-** · 02-15-2009, 11:04 PM

Hi Schmoopy,

Thank you for taking the time to write that code out

. That was really good of you.

When I first pasted your code over mine I was getting two errors:

Code:

session_start() [function.session-start]: Cannot send session cookie - headers already sent by( - path name -)

But a quick Google search came up with the solution. Since session_start() is apparently the first thing that needs to be called, before any other output, I just moved it to line 1 and it worked fine

. Not sure if that's the right reason but it worked.

**Schmoopy** · 02-16-2009, 12:03 AM

Oh yes, thanks for pointing that out, silly mistake

, glad it's working for you anyway.

**george-** · 02-16-2009, 01:06 AM

Schmoopy, would you be able to help me with a second problem?

Because my knowledge on PHP is only basic at the moment I'm not sure how to go about solving many of the problems I'm faced with.

It's pretty much the same problem as before, except instead of printing those values to the screen I'm inserting them into a database instead.

That part is fine... it's just the duplication that's going to occur.

So far I have:

Code:

<?php
     $host="localhost";    // Host name
     $username="username"; // Mysql username
     $password="password"; // Mysql password
     $db_name="database";  // Database name 

     mysql_connect("$host", "$username", "$password")or die("cannot connect");
     mysql_select_db("$db_name")or die("cannot select DB");

     mysql_query("INSERT INTO Persons (id, username, password) 
     VALUES ('', '$user', '$pass')"); /* these two variables are declared previously (in your code) */
?>

Is there any way I can get that to insert only once, even if a page refresh occurs? maybe by using a similar method to the one you used before?

Thanks for reading

I don't expect you to do any more for me, though.

**Nile** · 02-16-2009, 01:09 AM

Here:

Code:

<?php
     session_start();
     $host="localhost";    // Host name
     $username="username"; // Mysql username
     $password="password"; // Mysql password
     $db_name="database";  // Database name 

     mysql_connect("$host", "$username", "$password")or die("cannot connect");
     mysql_select_db("$db_name")or die("cannot select DB");

     if(@mysql_query("INSERT INTO Persons (id, username, password) 
     VALUES ('', '$user', '$pass')") && $_SESSION['done']){
       $_SESSION['done'] == true;
     }
?>

**Schmoopy** · 02-16-2009, 01:14 AM

Ok, well I know a way but using my code I sort of want you to figure it out for yourself and see if you can learn that way

I'll give you a few tips and you get back to me:

Use sessions again, have a value that is set to true after they have queried the database.

In the code implement a way to stop the database being queried if the value has changed.

Example: $queried = false;

Make an if statement to see if $queried = true and skip the database query if it is so.

Hope that makes sense and you can use it to alter your code,

Good luck

Edit: Nile pretty much said it... Just alter your code around that.

**george-** · 02-16-2009, 03:24 PM

I can't get that code to work properly. I'm quite confused about this.

The following code:

Code:

     
     if(@mysql_query("INSERT INTO Persons (id, username, password) 
     VALUES ('', '$user', '$pass')") && $_SESSION['done'])
     {
       $_SESSION['done'] == true;
     }

To me means: if the MySQL query AND the $_SESSION['done'] variable are equal to TRUE, then $_SESSION['done'] is compared with true.

I'm not sure whether that was a typo but I think it probably is. I changed the comparison operator to the assign operator but it still didn't work.

It's the session variables that are confusing me in all this. There is $_SESSION['done'] being used as a parameter in the if statement, but there is no previous declaration for it. I come from programming in C so that doesn't make sense to me. Does this also count as a variable declaration?

I tried to make a declaration for it anyway but it still didn't work.

From my understanding the $_SESSION variables are stored on the server?

So if it does also count as a declaration, the following code SHOULD work:

Code:

     if($_SESSION['done']) /* if true */
     {
       @mysql_query("INSERT INTO Persons (id, username, password) 
                                               VALUES ('', '$user', '$pass')")
       $_SESSION['done'] = false; 
     }

If $_SESSION['done'] == true; execute the query and set $_SESSION['done'] to false. Then, next time it performs the check, the parameters won't be right and it won't be executed again.

But that doesn't work either. So what am I actually doing wrong? I know that if the parameter $_SESSION['done'] DOES count as a declaration, then every time the page is refreshed it's just gonna get set back to true, so obviously that method won't work.

How can I make sure it doesn't get set back to true each time the page is refreshed?

I've lost myself

Please help me with this session variable stuff

Thanks for reading!

**Nile** · 02-16-2009, 03:30 PM

I'm sorry:

Code:

     if(@mysql_query("INSERT INTO Persons (id, username, password) 
     VALUES ('', '$user', '$pass')") && unset($_SESSION['done']))
     {
       $_SESSION['done'] == true;
     }