Hola,

Tengo instalado PHCDownload (http://www.phpcredo.com/) un administrador de descargas usando Bases de datos que por cierto ha sido util. La puedo recomendar. ^^ ^^

Con relacionado a este me encontre interesante unir myPHPscripts DbAuth (http://www.myphpscripts.net) utilizando el mismo bases de datos de PHCDownload "fstore_users" para provocar una autoidentificacion de descarga de archivo en PHCDownload.

Donde haciendo un cambio de tabla (mas abajo en negrita) "CREATE TABLE dbauth_register(
id INT NOT NULL AUTO_INCREMENT,
PRIMARY KEY(id),
user VARCHAR(30),
email VARCHAR(30),
password VARCHAR(32),
regtime VARCHAR(30),
register VARCHAR(30))")
or die(mysql_error());
echo 'Registration Database Created.<br>';

por la tabla actual

"CREATE TABLE `fstore_users` (
`user_id` int(10) NOT NULL auto_increment,
`user_group_id` int(10) unsigned NOT NULL default '0',
`user_name` text,
`user_email` varchar(255) default NULL,
`user_password` varchar(32) default NULL,
`user_timestamp` int(10) unsigned NOT NULL default '0',
`user_downloads` int(10) unsigned NOT NULL default '0',
`user_bandwidth` bigint(20) unsigned NOT NULL default '0',
`user_active` enum('Y','N') NOT NULL default 'N',
PRIMARY KEY (`user_id`),
UNIQUE KEY `user_email` (`user_email`)
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; provoca mal funcionamiento como "login incorrect" "cannot recover password" " Mysql_num_rows ERROR supplied argument is not a valid MySQL result resource".

************He aqui los codigos dbauth.php********************
<? session_start();

// Your MySQL Database server
$dbserver = "localhost";

// Your MySQL Database
$db = "dbauth";

// Your MySQL Database user
$dbuser = "dbauth_user";

// Your MySQL Database password
$dbpass = "dbauth_pass";

// Self Registration: 1 to enable, 0 to disable
$registration = 1;

// Headers in system emails: ie. Registration, Password Reset
$headers = 'From: DBAuth Website <[email protected]>';

//=============================================================================================
//=========================== Do not change anything below this line ==========================
//=============================================================================================

$redirect = $_SERVER['HTTP_REFERER'];
function head() {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>myPHPscripts DBAuth</title>
</head>
<body>
<div align="center">

<div>
<table class="header">
<tr>
<td>
DBAuth 1.0
</td>
</tr>
</table>
</div>
<br>
<?
}
function foot() {
?>
<br>
<div>
<table class="footer">
<tr>
<td>
<? echo base64_decode('REJBdXRoICZjb3B5OyAyMDA3IDxhIGhyZWY9Imh0dHA6Ly93d3cubXlwaHBzY3JpcHRzLm5ldCIgdGFyZ2V0PSJfYmxhbmsiPm15UEhQc2NyaXB0cy5uZXQ8L2E+'); ?>
</td>
</tr>
</table>
</div>

</div>

</body>
</html>
<?
exit();
}

function db_register_create() {
mysql_query("CREATE TABLE dbauth_register(
id INT NOT NULL AUTO_INCREMENT,
PRIMARY KEY(id),
user VARCHAR(30),
email VARCHAR(30),
password VARCHAR(32),
regtime VARCHAR(30),
register VARCHAR(30))")
or die(mysql_error());
echo 'Registration Database Created.<br>';
}
function db_user_create() {
mysql_query("CREATE TABLE dbauth_users(
id INT NOT NULL AUTO_INCREMENT,
PRIMARY KEY(id),
user VARCHAR(30),
email VARCHAR(320),
password VARCHAR(32))")
or die(mysql_error());
echo 'User Database Created.<br>';
echo '<meta http-equiv="refresh" content="2;url=?create">';
}
function checktable() {
if(mysql_num_rows( mysql_query("SHOW TABLES LIKE '".dbauth_users."'"))) {
}
else {
db_user_create();
$_SESSION['install'] = 1;
}
if (mysql_num_rows( mysql_query("SHOW TABLES LIKE '".dbauth_register."'"))) {
}
else {
db_register_create();
}
}
function strip_ext($strName) {
$ext = strrchr($strName, '?');
if($ext !== false) {
$strName = substr($strName, 0, -strlen($ext));
}
return $strName;
}
function form_create() {
?>
<table class="password"><tr><td class="password_topbar">Create an Account</td></tr><tr><td><br>
<form action="dbauth.php" method="post">
Email:<br>
<input type="text" name="email"><br>
User:<br>
<input type="text" name="user"><br>
Password:<br>
<input type="password" name="password"><br>
Verify Password:<br>
<input type="password" name="verify"><br><br>
<input type="submit" name="create" value="Create" class="btn">
</form>
</td></tr></table>
<?
}
function form_password_change() {
?>
<table class="password"><tr><td class="password_topbar">Change Your Password</td></tr><tr><td><br>
<form action="dbauth.php" method="post">
User:<br>
<input type="text" name="user"><br>
Password:<br>
<input type="password" name="password"><br>
New Password:<br>
<input type="password" name="new_password"><br>
Verify Password:<br>
<input type="password" name="verify"><br><br>
<input type="submit" name="pass_reset" value="Change" class="btn">
</form>
</td></tr></table>
<?
}
function form_login() {
?>
<table class="password">
<tr><td class="password_topbar" colspan="2">Please Log In</td></tr>
<tr>
<td colspan="2">
<br>
<form action="dbauth.php" method="post">
User:<br>
<input type="text" name="user"><br>
Password:<br>
<input type="password" name="password"><br><br>
<input type="submit" name="login" value="Log In" class="btn">
</form>
</td>
</tr>
<tr>
<td style="text-align:left;padding:5px;"><a href="?pass_reset">Forgot Password</a></td>
<td style="text-align:right;padding:5px;"><a href="?pass_change">Change Password</a></td>
</tr>
</table>
<?
}
function form_password_reset() {
?>
<table class="password"><tr><td class="password_topbar">Password Reset</td></tr><tr><td><br>
<form action="dbauth.php" method="post">
Email<br>
<input type="text" name="email"><br><br>
<input type="submit" name="pass_reset" value="Reset" class="btn">
</form>
</td></tr></table>
<?
}
mysql_connect($dbserver, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());
checktable();
mysql_close();
if (isset($_REQUEST['pass_change'])) {
head();
form_password_change();
foot();
}
if (isset($_REQUEST['pass_reset'])) {
if (isset($_REQUEST['password']) && isset($_REQUEST['new_password']) && isset($_REQUEST['verify']) && isset($_REQUEST['user'])) {
mysql_connect($dbserver, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());
$user = $_REQUEST['user'];
$new_password = md5(mysql_real_escape_string($_REQUEST['new_password']));
$insert_password = md5(mysql_real_escape_string($_REQUEST['password']));
$sql_password = mysql_query("SELECT * FROM dbauth_users WHERE password='$insert_password' AND user='$user'") or die(mysql_error());
$result_password = mysql_num_rows($sql_password);
if ($_REQUEST['password'] == "" || $_REQUEST['new_password'] == "" || $_REQUEST['verify'] == "" || $_REQUEST['user'] == "") {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">Please fill out all the form fields.</font></strong><br>';
foot();
mysql_close();
}
else if ($_REQUEST['new_password'] != $_REQUEST['verify']) {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">Your new passwords do not match.</font></strong><br>';
foot();
mysql_close();
}
else if ($result_password == "1") {
mysql_query("UPDATE dbauth_users SET password = '$new_password' WHERE password = '$insert_password' AND user='$user'") or die(mysql_error());
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong>You password has been changed.</strong><br>';
foot();
mysql_close();
}
else {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">Your password cannot be verified.</font></strong><br>';
foot();
mysql_close();
}
}
else if (isset($_REQUEST['email'])) {
mysql_connect($dbserver, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());
$base_password = rand(10000000,99999999);
$new_password = md5($base_password);
$email = $_REQUEST['email'];
$insert_email = mysql_real_escape_string($_REQUEST['email']);
$sql_email = mysql_query("SELECT * FROM dbauth_users WHERE email='$insert_email'") or die(mysql_error());
$result_email = mysql_num_rows($sql_email);
if ($result_email == "1") {
mysql_query("UPDATE dbauth_users SET password = '$new_password' WHERE email = '$email'") or die(mysql_error());
$msg = 'Your password has been reset to: ' . $base_password;
mail($email, 'Password Reset', $msg, $headers);
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong>You password has been reset. Check your email for the new password.</strong><br>';
foot();
mysql_close();
}
else {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">That email address does not exist!</font></strong><br>';
foot();
}
}
else {
head();
form_password_reset();
foot();
}
}
if (isset($_REQUEST['reg'])) {
mysql_connect($dbserver, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());
$insert_reg = mysql_real_escape_string($_REQUEST['reg']);
$sql_reg = mysql_query("SELECT * FROM dbauth_register WHERE register='$insert_reg'");
$result_reg = mysql_num_rows($sql_reg);
if ($result_reg == "1") {
mysql_query("INSERT INTO dbauth_users (user, email, password) SELECT user, email, password FROM dbauth_register WHERE register='$insert_reg'");
mysql_query("DELETE FROM dbauth_register WHERE register='$insert_reg'");
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong>Your account has been registered.</strong><br>';
foot();
mysql_close();
}
}
if ($registration == 1 || isset($_SESSION['install'])) {
if (isset($_REQUEST['email']) && isset($_REQUEST['user']) && isset($_REQUEST['password']) && isset($_REQUEST['verify']) && isset($_REQUEST['create'])) {
mysql_connect($dbserver, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());
$insert_user = mysql_real_escape_string($_REQUEST['user']);
$insert_email = mysql_real_escape_string($_REQUEST['email']);
$insert_pass = md5(mysql_real_escape_string($_REQUEST['password']));
$user_sql = mysql_query("SELECT * FROM dbauth_users WHERE user='$insert_user'");
$user_result = mysql_num_rows($user_sql);
$email_sql = mysql_query("SELECT * FROM dbauth_users WHERE email='$insert_email'");
$email_result = mysql_num_rows($email_sql);
if($user_result == "1"){
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">That username already exists!</font></strong><br>';
foot();
mysql_close();
}
else if($email_result == "1"){
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">That email address already exists!</font></strong><br>';
foot();
mysql_close();
}
else if ($_REQUEST['password'] != $_REQUEST['verify']) {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">The passwords do not match!</font></strong><br>';
foot();
mysql_close();
}
else if ($_REQUEST['email'] == "") {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">The email cannot be blank!</font></strong><br>';
foot();
mysql_close();
}
else if ($_REQUEST['password'] == "") {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">The password cannot be blank!</font></strong><br>';
foot();
mysql_close();
}
else if ($_REQUEST['user'] == "") {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">The user cannot be blank!</font></strong><br>';
foot();
mysql_close();
}
else {
head();
$reg_string = rand(1000000,9999999) . rand(1000000,9999999) . rand(1000000,9999999);
$time = time();
$regtime = time()+604800;
mysql_query("DELETE FROM dbauth_register WHERE regtime < $time") or die(mysql_error());
mysql_query("INSERT INTO dbauth_register(user, email, password, regtime, register) VALUES('$insert_user', '$insert_email', '$insert_pass', '$regtime', '$reg_string' )") or die(mysql_error());
$msg = 'Your confirmation url is ';
$msg = $msg . strip_ext($redirect) . '?reg=' . $reg_string;
mail($_REQUEST['email'], 'User Registration - Confirmation', $msg, $headers);
echo '<meta http-equiv="refresh" content="2;url=';
echo $_SESSION['referrer'];
echo '">';
echo '<strong>User Created. Please check your email to complete your registration.</strong><br>';
session_unset($_SESSION['install']);
foot();
mysql_close();
}
}
else if (!isset($_REQUEST['user']) && !isset($_REQUEST['password']) && !isset($_REQUEST['verify']) && isset($_REQUEST['create'])) {
head();
form_create();
foot();
}
}
if (!isset($_SESSION['logged_in'])) {
if (isset($_REQUEST['user']) && isset($_REQUEST['password'])) {
mysql_connect($dbserver, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());
$insert_user = mysql_real_escape_string($_REQUEST['user']);
$insert_pass = md5(mysql_real_escape_string($_REQUEST['password']));
$sql_user = mysql_query("SELECT * FROM dbauth_users WHERE user='$insert_user' AND password='$insert_pass'");
$sql_reg = mysql_query("SELECT * FROM dbauth_register WHERE user='$insert_user'");
$result_user = mysql_num_rows($sql_user);
$result_reg = mysql_num_rows($sql_reg);
if($result_user == "1" && $result_reg == "0"){
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong>Login & Password Accepted.</strong><br>';
$_SESSION['logged_in'] = 1;
$_SESSION['username'] = $insert_user;
foot();
mysql_close();
}
else if ($result_user == "1" && $result_reg == "1") {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">Your email address has not been validated. Please check your email for the confirmation message.</font></strong><br>';
foot();
mysql_close();

}
else {
head();
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong><font color="red">Invalid Login.</font></strong><br>';
foot();
mysql_close();
}
}
else {
head();
form_login();
if ($registration == 1) {
$_SESSION['referrer'] = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
echo '<table><tr><td class="register"><a href="?create">Register</a></td></tr></table>';
}
foot();

}
}
else if (isset($_SESSION['logged_in'])) {
if (isset($_REQUEST['logout'])) {
head();
session_unset($_SESSION['logged_in']);
session_unset($_SESSION['username']);
session_unset($_SESSION['referrer']);
echo '<meta http-equiv="refresh" content="2;url=';
echo strip_ext($redirect);
echo '">';
echo '<strong>Logging Out.</strong><br>';
foot();
}
else {
?>
<style type="text/css">
#logout{position:absolute;right:5px;top:5px;height:12px;width:50px;background:#000000;border:1px solid #000000;padding:0px;font-family:arial;font-size:12px;text-align:center;}
#logout a{display:block;color:#FFFFFF;text-decoration:none;background:transparent;}
#logout a:hover{display:block;color:#000000;text-decoration:none;background:#FFFFFF;}
</style>
<div id="logout">
<a class="logout" href="?logout">Logout</a>
</div>
<?
}
}
?>

Agradezco vuestra ayuda,
Saludos,