Here’s the register form. This can be any file extension you like. I’d recommend calling it register.html.
CODE
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Register</title>
</head>
<body>
<h1>Register</h1>
<table><tr>
<form action=register.php method=post>
<td width="81">Username:</td>
<td width="247"><input name="username" size="30" autocomplete="off" value="" type="text" /></td>
</tr><tr>
<td>Password:</td>
<td><input name="password" size="30" type="password" /></td>
</tr>
<tr>
<td>First Name:</td>
<td><input name="firstname" size="30" type="text" /></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input name="lastname" size="30" type="text" /></td>
</tr>
<tr>
<td>Age:</td>
<td><input name="age" size="30" maxlength="2" /></td>
</tr>
</table>
<p><input type="submit" class="button" value="Register" /></p>
</form>
</body>
</html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Register</title>
</head>
<body>
<h1>Register</h1>
<table><tr>
<form action=register.php method=post>
<td width="81">Username:</td>
<td width="247"><input name="username" size="30" autocomplete="off" value="" type="text" /></td>
</tr><tr>
<td>Password:</td>
<td><input name="password" size="30" type="password" /></td>
</tr>
<tr>
<td>First Name:</td>
<td><input name="firstname" size="30" type="text" /></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input name="lastname" size="30" type="text" /></td>
</tr>
<tr>
<td>Age:</td>
<td><input name="age" size="30" maxlength="2" /></td>
</tr>
</table>
<p><input type="submit" class="button" value="Register" /></p>
</form>
</body>
</html>
Now create a MySQL database. Then create a file that will be called
CODE
mysql-connect.php
. Here is the file:CODE
<?php
$con = mysql_connect("DB_HOST","DB_USER","DB_PASS");
mysql_select_db("DB_NAME", $con);
?>
$con = mysql_connect("DB_HOST","DB_USER","DB_PASS");
mysql_select_db("DB_NAME", $con);
?>
Replace DB_HOST with the host of your database. This is usually “localhost”, but some hosts differ. Replace DB_USER with the username for your database, and DB_PASS with the password of your database and then replace DB_NAME with the name of your database. Enough with this file, let’s get onto the actual registration script. Save this as
CODE
register.php
.CODE
<?php
include 'mysql-connect.php';
$username = $_POST['username'];
$password = $_POST['password'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$age = $_POST['age'];
$ip = $_SERVER['REMOTE_ADDR'];
$result = mysql_num_rows(mysql_query("SELECT * FROM TABLENAME WHERE username='$username'"));
if($result == 1)
{
echo ‘<h1>ERROR!</h1>The username you have chosen already exists!’;
}
else
{
mysql_query("INSERT INTO TABLENAME (username, password, firstname, lastname, age, ip)
VALUES ('$username', '$password', '$firstname', '$lastname', '$age', '$ip')");
echo '
<p>Congratulations! You have successfully registered! </p>
<p>Click <a href="login.php">here</a> to login.</p>‘;
?>
include 'mysql-connect.php';
$username = $_POST['username'];
$password = $_POST['password'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$age = $_POST['age'];
$ip = $_SERVER['REMOTE_ADDR'];
$result = mysql_num_rows(mysql_query("SELECT * FROM TABLENAME WHERE username='$username'"));
if($result == 1)
{
echo ‘<h1>ERROR!</h1>The username you have chosen already exists!’;
}
else
{
mysql_query("INSERT INTO TABLENAME (username, password, firstname, lastname, age, ip)
VALUES ('$username', '$password', '$firstname', '$lastname', '$age', '$ip')");
echo '
<p>Congratulations! You have successfully registered! </p>
<p>Click <a href="login.php">here</a> to login.</p>‘;
?>
OK, let’s break this down:
CODE
include 'mysql-connect.php';
Include the database connection file.
CODE
$username = $_POST['username'];
$password = $_POST['password'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$age = $_POST['age'];
$ip = $_SERVER['REMOTE_ADDR'];
$password = $_POST['password'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$age = $_POST['age'];
$ip = $_SERVER['REMOTE_ADDR'];
This part gets all of the variables: username, password, first name, last name, age and ip address.
CODE
$result = mysql_num_rows(mysql_query("SELECT * FROM TABLENAME WHERE username='$username'"));
This checks to see if the username already exists in the database. Make sure you change “TABLENAME” to the name of the table in which the user information is stored.
CODE
if($result == 1)
{
echo ‘<h1>ERROR!</h1>The username you have chosen already exists!’;
}
else
{
mysql_query("INSERT INTO TABLENAME (username, password, firstname, lastname, age, ip)
VALUES ('$username', '$password', '$firstname', '$lastname', '$age', '$ip')");
echo '
<p>Congratulations! You have successfully registered! </p>
<p>Click <a href="login.php">here</a> to login.</p>‘;
{
echo ‘<h1>ERROR!</h1>The username you have chosen already exists!’;
}
else
{
mysql_query("INSERT INTO TABLENAME (username, password, firstname, lastname, age, ip)
VALUES ('$username', '$password', '$firstname', '$lastname', '$age', '$ip')");
echo '
<p>Congratulations! You have successfully registered! </p>
<p>Click <a href="login.php">here</a> to login.</p>‘;
If the username already exists, display an error message, and if not, insert the user information into the database and display a login link. Make sure you change “TABLENAME” to the name of the table in which the user information is stored. Now onto the login form. This is quite simple. Just save it as login.php.
CODE
<html>
<head>
<title>Login</title>
</head>
<body>
<form name="login" action="login2.php" method="post">
<table align="center"><tr>
<td class="title">Username</td>
<td><input name="user" size="30" autocomplete="off" value="" type="text" /></td>
</tr><tr>
<td class="title">Password</td>
<td><input name="pass" size="30" type="password" /></td>
</tr></table>
<p style="text-align:center;"><input type="submit" class="button" value="Login" /></p></form>
</body>
</html>
<head>
<title>Login</title>
</head>
<body>
<form name="login" action="login2.php" method="post">
<table align="center"><tr>
<td class="title">Username</td>
<td><input name="user" size="30" autocomplete="off" value="" type="text" /></td>
</tr><tr>
<td class="title">Password</td>
<td><input name="pass" size="30" type="password" /></td>
</tr></table>
<p style="text-align:center;"><input type="submit" class="button" value="Login" /></p></form>
</body>
</html>
Basically, that asks for username and password, and sends them to another file called
CODE
login2.php
which we shall move onto now…CODE
<?php
include 'mysql-connect.php';
$username = $_POST['user'];
$password = $_POST['pass'];
$query1 = mysql_query("SELECT * FROM TABLENAME WHERE username='$username'");
$result = mysql_num_rows($query1);
if($result == 0)
{
include '<h1>Error!</h1>The username you specified does not exist!';
}
else
{
$checkuser = mysql_query("SELECT * FROM TABLENAME WHERE username='$username'");
$row = mysql_fetch_array($checkuser);
$password2 = $row['password'];
$status = $row['status'];
if ($password == $password2)
{
//PUT PASSWORD PROTECTED INFORMATION HERE
}
else
{
echo '<h1>Error!</h1>The username and password combination you entered does not match the ones we have in the database.';
}
}
?>
include 'mysql-connect.php';
$username = $_POST['user'];
$password = $_POST['pass'];
$query1 = mysql_query("SELECT * FROM TABLENAME WHERE username='$username'");
$result = mysql_num_rows($query1);
if($result == 0)
{
include '<h1>Error!</h1>The username you specified does not exist!';
}
else
{
$checkuser = mysql_query("SELECT * FROM TABLENAME WHERE username='$username'");
$row = mysql_fetch_array($checkuser);
$password2 = $row['password'];
$status = $row['status'];
if ($password == $password2)
{
//PUT PASSWORD PROTECTED INFORMATION HERE
}
else
{
echo '<h1>Error!</h1>The username and password combination you entered does not match the ones we have in the database.';
}
}
?>
Let’s break this file down aswell.
CODE
$username = $_POST['user'];
$password = $_POST['pass'];
$password = $_POST['pass'];
This grabs the username and password that they entered.
CODE
$query1 = mysql_query("SELECT * FROM TABLENAME WHERE username='$username'");
$result = mysql_num_rows($query1);
$result = mysql_num_rows($query1);
This checks to see if the user exists in the database. Make sure you change “TABLENAME” to the name of the table in which the user information is stored.
CODE
if($result == 0)
{
include '<h1>Error!</h1>The username you specified does not exist!';
}
{
include '<h1>Error!</h1>The username you specified does not exist!';
}
If not, display an error message.
CODE
else
{
$checkuser = mysql_query("SELECT * FROM TABLENAME WHERE username='$username'");
$row = mysql_fetch_array($checkuser);
{
$checkuser = mysql_query("SELECT * FROM TABLENAME WHERE username='$username'");
$row = mysql_fetch_array($checkuser);
If the user does exist, get the information stored in the database about that user. Make sure you change “TABLENAME” to the name of the table in which the user information is stored.
CODE
$password2 = $row['password'];
Get the user’s password.
CODE
if ($password == $password2)
{
//PUT PASSWORD PROTECTED INFORMATION HERE
}
{
//PUT PASSWORD PROTECTED INFORMATION HERE
}
If the password in the database matches the one they entered, display password protected information.
CODE
else
{
echo '<h1>Error!</h1>The username and password combination you entered does not match the ones we have in the database.';
}
}
{
echo '<h1>Error!</h1>The username and password combination you entered does not match the ones we have in the database.';
}
}
If not, display yet another error message.
OK, that’s the script. Hope you liked it. It was for a website I was making but I have no need for it anymore, so I thought I would post it here so that other people can learn from it.
This /should/ work, but if it doesn't, just let me know and I can advise you on what is wrong and can edit it. We can ALL learn from our mistakes.
