Hi Anoop.
You would have to create a table for the user names, which should be a unique field, and the password, which should be hashed. This table can obviously have more fields if you want it to.
The password field should not contain the actual password, but rather a hashed version. This is for security reasons, so nobody, not even you, can steal the passwords (without a huge effort at least). Not even if they manage to steal the server computer!
So assuming you use MySQL the table could look like this:
-
CREATE TABLE `User` (
-
UserID Int Unsigned Auto_Increment Not Null,
-
UserName VarChar(150) Not Null UNIQUE,
-
Password Char(40) Not Null
-
)
-
So then when you insert a user into the database, you could do something like this:
-
INSERT INTO `User` (UserName, Password)
-
VALUES('username', SHA('password'))
-
And to validate a user you could execute a query like this:
-
SELECT UserID FROM `User`
-
WHERE UserName = 'username' AND Password = SHA('password');
-
If that returns a single row, your user is valid. If it returns no rows your user is invalid.
Hope this helps you.