A Php Loginscript For Your Site

A Php Loginscript For Your Site

Open Discussion

Free Web Hosting, No Ads Portal

Free Web Hosting

Welcome Guest ( Log In | Register)

Open Discussion > CONTRIBUTE > Tutorials

2 Pages

1 2 >

Reply to this topic

Start new topic

A Php Loginscript For Your Site, For everybody

sachavdk View Member Profile Find Member's Posts	Jul 22 2005, 02:09 PM Post #1
Member [Level 1] Group: Members Posts: 62 Joined: 11-July 05 Member No.: 9,266	Many people want to make logins to their site. The easiest way to do this is using PHP. I will describe here all steps creating one. You can copy and paste the code and save it as the name of the file given above the code. Save everything in the same directory. NOTE: However the code can be copied its still no basic php anymore. If you have questions you can ask them but a little knowledge of php is useful. First of all we need to make a login form. This can be an htmlpage. We are going to ask the user for his username and his password. File is named: "login.html" CODE <html> <head><title>My website</title></head> <body> <form action="login.php" method="post"> <!-- action will be the url where the form is posted to, it can be a page (http://yourdomain/login.php) or a page with variables (http://yourdomain/?page=login) for examle. The method is the way the form is submitted. Using GET the form will be submitted using the addressbar and all values will be visible. Since we're sending a password this is defenetly not what we want. That's why we're going to use POST. Post sends the form in an "invisible" way. This means the input can not be viewed by the user. This way of sending can still be hacked but in your case it is probably not important enough to do so. --> <h1>Login</h1> Username: <input type="textbox" name="username"><br> Password: <input type="password" name="password"><br> <input type="submit" value="Login!" name="submit"><br> No an account yet? <a href="register.html">Register</a> </form> </body> </html> That was pretty easy. Now I'm expecting you have your database set up (I use MySQL with these scripts). If not do this now. You will need a table named "tblusers" with fields: * ID, Integer, Null, auto_increment, primary key * Username, Text * Password, Text In the example I will use the following script included in every script so I will have to declare only once my database login settings. Change the settings below to yours. Page is named: "DatabaseConfig.php" CODE <?php // every var gets a prefix "db_" do declare its about the database connection later $db_username="username"; //database username $db_password="password"; //database password $db_host="localhost"; //host of your database $db_database="dbmylogin"; //database name $db_table="tblusers"; // tablename $db_conn = mysql_connect($db_host,$db_username,$db_password) or die (mysql_error()); $db_conn = @mysql_select_db($db_database,$db_conn) or die (mysql_error()); // using the "@" gives a secure connection ?> Thats it for the database. You see this makes things a lot easier. People want to register on your site before they can login. Here's the registration form: Page is named: "register.html" CODE <html> <head><title>My website - Registration</title></head> <body> <form action="registration.php" method="post"> <h1>Registration</h1> Desired username: <input type="textbox" name="username"><br> Desired password: <input type="password" name="password"><br> <input type="submit" value="Register!" name="submit"> <input type="button" value="Login" onClick="javascript:window.location='login.html'"> </form> </body> </html> That's the registration form. Now we have the registration script wich is going to validate username if it exists and if not, register it. Page is named: "registration.php" CODE <?php session_start(); if (!isset($_POST["submit"])) // checks wheter the page is called using the registration form { // it is not called using the registration form header("Location:register.html"); // the script sends the user to the registration page } else { // it is called using the registration form if ($_POST["username"] == NULL \|\| $_POST["password"] == NULL) // check wheter both username and password are filled { // one of the two is not filled echo "<font color=\"red\">Not all fields were filled. Please go <a href=\"javascript:history.back(1)\">back</a> and fill them</font>"; } else { // they are both filled, check wheter the username exists in the database // remember we made "DatabaseConfig.php"? Here it will be included so connection is made with the database. include("DatabaseConfig.php"); // now its simple, otherwise we had to make connection everytime with much more code. $usernameexists = mysql_query("SELECT ID FROM tblusers WHERE username='".$_POST["username"]."'") or die (mysql_error()); if (mysql_num_rows($usernameexists) != 0) { // user exists echo "<font color=\"red\">User exists. Please go <a href=\"javascript:history.back(1)\">back</a> and chose another username.</font>"; } else { // user doesn't exists $add_user = mysql_query("INSERT INTO tblusers (username,password) VALUES ('".$_POST["username"]."','".$_POST["password"]."')"); if ($add_user) { // user is succesfully added echo "<font color=\"red\">You are succesfully registered. You can now <a href=\"login.html\">login</a></font>"; } else { // error occurd echo "<font color=\"red\">An error occurd. Please go <a href=\"javascript:history.back(1)\">back</a> and try again.</font>"; } } // don't forget to close the database connection when you don't need it anymore mysql_close(); } } ?> End of registrationscript Loginscript Page is named: "login.php" CODE <?php session_start(); if (!isset($_POST["submit"])) // checks wheter the page is called using the login form { // it is not called using the registration form header("Location:login.html"); // the script sends the user to the registration page } else { // login form is used, continue with login if ($_POST["username"] == NULL \|\| $_POST["password"] == NULL) // check wheter both username and password are filled { // one of the two is not filled echo "<font color=\"red\">Not all fields were filled. Please go <a href=\"login.html\">back</a> and fill them</font>"; } else { // they are both filled, check wheter the username and password exists in the database, password must be for the same user // remember we made "DatabaseConfig.php"? Here it will be included so connection is made with the database. include("DatabaseConfig.php"); // now its simple, otherwise we had to make connection everytime with much more code. $usernameexists = mysql_query("SELECT ID FROM tblusers WHERE username='".$_POST["username"]."' && password='".$_POST["password"]."'") or die (mysql_error()); if (mysql_num_rows($usernameexists) != 0) { // user exists $_SESSION["mywebsite_userid"] = mysql_result($usernameexists,'',"ID"); ?> <font color="red">You are successfully logged in.</font><br> Go to the secret page: <a href="secret.php">Secret page</a> <?php } else { // user doesn't exists echo "<font color=\"red\">Wrong combination username/password. <a href=\"login.html\">Try login again</a> or <a href=\"register.html\">register</a></font>"; } // don't forget to close the database connection when you don't need it anymore mysql_close(); } } ?> that's the loginscript Now the last script we need is the one who takes care on the secured pages to see if you are logged in. And this is the script to check if you're logged in: It's named "checklogged.php" CODE <?php session_start(); if (!isset($_SESSION["mywebsite_userid"])) { // visitor is not logged in echo "You need to be logged in to see this page. <a href=\"login.html\">Login</a> or <a href=\"register.html\">register an account</a></font>"; die(); } echo "<a href=\"logout.php\">Logout</a><br>"; ?> You use following piece of code in every page you want to secure a page. Just set it in the very top of your script. EVERY PAGE YOU WANT TO SECURE MUST BE A PHP SCRIPT!!! CODE <?php include("checklogged.php"); ?> And ofcourse we need a logout script: Page is named: "logout.php" CODE <?php session_destroy(); echo "You are logged out. <a href=\"login.html\">Login</a>." echo $_SESSION["mywebsite_userid"]; ?> Now that's all. Since I don't know what problems you might have just put them here. PS: for people who don't know php, you can't test it on you pc unless you have a server running on it. But you can test it on trap17. But nevertheless you will have to create you database. You can do that accessing your control panel and go to "MySQL Databases" and create one there. I'm not used to it on trap17 but I think there are people who will help you with that using this topic. The structure and the name of the table you find some higher on this page. Of course then you have to edit the DatabaseConfig.php script with your settings. PPS: important is that posting this in this topic the structure of the code when you past it isn't correct anymore. If you want to use the script simply download the attachment. It's my working script. (list)

Saint_Michael View Member Profile Find Member's Posts	Jul 22 2005, 08:46 PM Post #2
$p4m 0n j00 $h4m3 m3 0nc3 $p4m 0n m3 $h4m3 m3 7\/\/1c3 Group: [HOSTED] Posts: 6,560 Joined: 21-September 04 From: 9r33\|\\| 399$ 4\|\\|D 5P4/\/\ Member No.: 1,218	good but can i add something i did some modifying for the ipb forum login scripts its just a simple way to have people login on o the forums with out need to login through them QUOTE <script language='JavaScript' type="text/javascript"> <!-- function ValidateForm() { var Check = 0; if (document.LOGIN.UserName.value == '') { Check = 1; } if (document.LOGIN.PassWord.value == '') { Check = 1; } if (Check == 1) { alert("Please enter your name and password before continuing"); return false; } else { document.LOGIN.submit.disabled = true; return true; } } //--> </script> [color]<form action="http://www.trap17.com/forums/index.php?act=Login&CODE=01" method="post" name="LOGIN" onsubmit="return ValidateForm()"> <input type="hidden" name="referer" value="http://www.trap17.com/forums/index.php?amp;act=Login&CODE=01" />[/color] <div class="borderwrap"> <div class="row1"> <div class="maintitle"><img src='style_images/vizion/nav_m.gif' border='0' alt='>' width='8' height='8' /> Log In to Trap17.com</div> <table cellspacing="1"> <tr> <td width="60%" valign="top"> <table cellspacing="1"> <tr><td width="50%"><b>Enter your user name</b></td> <td width="50%"><input type="text" size="10" maxlength="64" name="UserName" class="forminput" /></td> </tr> <tr> <td width="50%"><b>Enter your password</b></td> <td width="50%"><input type="password" size="10" name="PassWord" class="forminput" /></td> </tr> </table> <table cellspacing="1"> <tr> <td width="10%"><input type="checkbox" name="CookieDate" value="1" checked="checked" /></td> <td width="90%"><b>Remember me?</b><br /><span class="desc">This is not recommended for shared computers</span></td> </tr> <tr> <td width="10%"><input type="checkbox" name="Privacy" value="1" /></td> <td width="90%"><b>Log in as invisible</b><br /><span class="desc">Don't add me to the active users list</span></td> </tr> </table> </td> </tr> <tr> <td class="formbuttonrow" colspan="2"><input class="button" type="submit" name="submit" value="Log me in" /></td> </tr> </table> </div> </div> </form> the olny thing you have to do is change the url info colored in red, i havn't test it to see if the cookies work but you can successfully login. (list)

thebluekirby View Member Profile Find Member's Posts	Jul 22 2005, 09:01 PM Post #3
Super Member Group: Members Posts: 421 Joined: 17-January 05 From: Somewhere over the rainbow Member No.: 3,317	YES!!! This is like....the exact script I was looking for!!! Thank you SOO much for posting this!!! (list)

sachavdk View Member Profile Find Member's Posts	Jul 22 2005, 10:44 PM Post #4
Member [Level 1] Group: Members Posts: 62 Joined: 11-July 05 Member No.: 9,266	QUOTE(Saint_Michael @ Jul 22 2005, 10:46 PM) good but can i add something i did some modifying for the ipb forum login scripts its just a simple way to have people login on o the forums with out need to login through them the olny thing you have to do is change the url info colored in red, i havn't test it to see if the cookies work but you can successfully login. I did test it neither but it looks great. Though I won't use it because I wrote my own forum and I do not use ipb nor phpBB . Nevertheless people who use ipb will appreciate it I think. (list)

Artanis View Member Profile Find Member's Posts	Jul 23 2005, 06:01 AM Post #5
Member [Level 2] Group: Members Posts: 79 Joined: 18-June 05 Member No.: 8,385	Hmm thanks i been looking for login for php and html on google but they jsut give ma useless code that doesnt work. (list)

electriic ink View Member Profile Find Member's Posts	Jul 23 2005, 06:06 AM Post #6
Incest is a game the whole family can play. Group: [MODERATOR] Posts: 1,223 Joined: 11-February 05 From: Heaven Member No.: 3,709	Thanks so much for this sachavdk. This is exactly the kind of script I've been hunting the web for (list)

Saint_Michael View Member Profile Find Member's Posts	Jul 23 2005, 08:47 PM Post #7
$p4m 0n j00 $h4m3 m3 0nc3 $p4m 0n m3 $h4m3 m3 7\/\/1c3 Group: [HOSTED] Posts: 6,560 Joined: 21-September 04 From: 9r33\|\\| 399$ 4\|\\|D 5P4/\/\ Member No.: 1,218	actually it should be universal, all your doing is changing the url info, so it shouold work for all forums. (list)