 Simple User System, php, mysql driven |
|
|
|
|
  |
 Mar 18 2007, 08:30 PM
Post
#1
|
|
|
Member [Level 1]  Group: Members Posts: 53 Joined: 24-February 07 From: Latvia Member No.: 39,133  |
Hey!
Maybe you've seen my other tutorials...or my signature.. Anyways I'm going to show you how to make a system so users of your site could register accounts and you could have protected - user only - pages on your site  Ok, so we start by creating a config.php file. CODE <?php $dbhost = 'database host'; $dbname = 'database name'; $dbusername = 'database username'; $dbuserpass = 'database password'; mysql_connect ($dbhost, $dbusername, $dbuserpass); mysql_select_db($dbname) or die('Cannot select database'); ?> Fill in the values of your host and upload it. Here are querie to run in PHPmyadmin SQL CREATE TABLE `users` ( `id` INT( 11 ) NOT NULL AUTO_INCREMENT , `username` VARCHAR( 255 ) NOT NULL , `password` VARCHAR( 255 ) NOT NULL , PRIMARY KEY ( `id` ) ) TYPE = MYISAM ; Next, lets create index.php. CODE <?php //start the session so you would stay logged in //always must be on top session_start(); //include config.php file include('config.php'); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>The site</title> </head> <body> <center><a href="?p=idx">Home</a> - <a href="?p=page">Protected page</a> <?php $p=$_GET['p']; //see my ?id= browsing tutorial switch($p){ default: //if user isn't logged in lets show him the log in form if(!isset($_SESSION['username'])){ ?> <form action='login.php' method='POST'> Username: <input type='text' name='username'><br> Password: <input type='password' name='password'><br> <input name="login" type="submit" value="Submit"><br> Not <a href="register.php">registered</a>? </form> <?} else{ //$_SESSION['username'] = the current users //username. It will be echoed like "Hi, user!" echo "<br><br>Hi, ".$_SESSION['username']."!"; echo "<a href='logout.php'>Log out</a>";} break; case 'page': //you can use it like this or use include() if(!isset($_SESSION['username'])){ echo '<br><br>Log in to see this page!';}else{ echo '<br><br>Only user who is logged in can see this!..and you see this so this means you are logged in;]'; } } ?> </center> </body> </html> You see the explanations in the code. Now we need a file that will log the user in, right? Right! Create a file called login.php CODE <?php //start session and include conf... session_start(); include'config.php'; //get the variables from form and adding some little security $submit=$_POST['login']; $username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username']))); $password = md5($_POST['password']); //if submit button is pressed if ($submit){ if((!$username) || (!$password) || ($username=='') || ($password=='')){ header("Refresh: 2;".$_SERVER['HTTP_REFERER']); echo'<center>Please enter both - username and password!</center>'; } //lets see if the user exists by making a query which selects //submitted username and password from the database //and the we use mysql_num_rows() to count the results returned //if there is a user with a username and password like that $c will be 1 //as it will be counted otherwise it'll stay 0. $sql=mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password`= '".$password."'") OR die(mysql_error()); $c=mysql_num_rows($sql); if($c>0){ $r=mysql_fetch_array($sql); //set $_SESSION['username'] to the username from database $_SESSION['username'] = $r['username']; header("Refresh: 2; url=index.php?i=idx"); echo'<center>Login successfull!</center>'; //else, if there werent any records found show an error and //return the user to index. }else{ header("Refresh: 2; url=index.php?i=idx"); echo "<center>You couldn't be logged in!</center>"; }} ?> Ok, so the user is logged in, everything's fine ... but uh-oh...how can user log in if he's not registered ?  make a file called register.php CODE <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Register!</title> </head> <body> <form action='<?=$_SERVER['PHP_SELF']?>' method='POST'> Username: <input type='text' name='username'><br> Password: <input type='password' name='password'><br> <input name="register" type="submit" value="Submit"> </form> <?php include('config.php'); ///variables... $submit=$_POST['register']; $username = mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username']))); $password = md5($_POST['password']); //if button is pressed if($submit){ //if username is not blank..same for pass if(($username) and ($password) and ($username!==NULL) and ($password!==NULL)){ $sql="INSERT INTO `users` (`id`,`username`,`password`) VALUES ('NULL','".$username."','".$password."')"; mysql_query($sql) or die(mysql_error()); echo "Congratulations! You are registered!<br><a href='index.php'>Log in</a>"; } } ?> </body> </html> and the logout.php CODE <? session_start(); $_SESSION = array(); header("Location: index.php"); ?> I'll add some more explanations later...don't have time now sorry. But you have the code...and if you have questions - ask. Preview |
 |
 
|
|
Mar 22 2007, 03:04 PM
Post
#2
|
|
|
Advanced Member Group: Members Posts: 144 Joined: 22-March 07 Member No.: 40,472 |
nice tutorial
allot of comments i like it |
|
|
|
|
Mar 22 2007, 06:39 PM
Post
#3
|
|
|
Newbie [Level 1] Group: Members Posts: 21 Joined: 20-March 07 Member No.: 40,392 |
nice tut indeed, really good, maybee i can use it. One question, is it possible, when you already have a forum, that u can make a quick login on your main page so you can login for the forum.. ? <-- bit vague I think?
 when u dont get it say it, dont really know how to say it in english 
|
|
|
|
|
Mar 22 2007, 07:04 PM
Post
#4
|
|
|
Member [Level 1] Group: Members Posts: 53 Joined: 24-February 07 From: Latvia Member No.: 39,133 |
Well, I can show you how to make so you can have a little login form in your site that will log you in to forums, but it wont log you into the site...
If it's MYbb maybe I could make you a site you can but...yeah..
|
|
|
|
|
Apr 1 2007, 10:41 PM
Post
#5
|
|
|
Newbie [Level 2] Group: Members Posts: 36 Joined: 27-December 05 Member No.: 16,252 |
Not a bad code. Could be very useful to the users that are new to PHP.
|
|
|
|
 Apr 13 2007, 06:00 PM
Post
#6
|
|
|
Super Member Group: Members Posts: 292 Joined: 27-January 07 From: Winter is cold here. Member No.: 37,984  |
In register.php-
QUOTE <form action='<?=$_SERVER['PHP_SELF']?>' method='POST'> Could i change the form action to register.php, and make the php code register.php and the HTML code to index.php?id=register? I think that would work... But just checking first. This post has been edited by Imtay22: Apr 13 2007, 06:01 PM |
|
|
|
|
Apr 13 2007, 06:44 PM
Post
#7
|
|
|
A computer once beat me at chess, but it was no match for me at kick boxing.  Group: [MODERATOR] Posts: 3,882 Joined: 24-July 05 From: In Trouble Again... still? Member No.: 9,787 |
QUOTE <form action='<?=$_SERVER['PHP_SELF']?>' method='POST'> Php replaces the $_SERVER['PHP_SELF'] with register.php, so that would not be required. And I think keeping the register script separate from the index.php is a good thing. It modularizes the code so that the Index page is cleaner and the register script is separate, so any changes to it are easier to figure. Just my take on it. You would need to adjust the index page to cause the register script to be called if you make the changes you are considering. |
|
|
|
|
Apr 14 2007, 02:21 PM
Post
#8
|
|
|
Super Member Group: Members Posts: 292 Joined: 27-January 07 From: Winter is cold here. Member No.: 37,984 |
Okay thank you Jim. I was just wondering...
|
|
|
|