Instead of using lots of echos. Why not do 1 command all at once.
E.G
[php]
echo "<form action='myphpfile.php' method='POST'>formcode</form>";
[/php]
Just a little tip, but doesn't make much difference.
|
|
01-15-2009, 11:47 PM
I am going to show you how to make a simple membership system. This included, registering for an account, logging in, security for pages, and logging out.
Now shall we begin? I say yes!
Our database will be setup like the following:
Breakdown:Code:CREATE TABLE IF NOT EXISTS `users` ( `user_id` int(11) NOT NULL auto_increment, `username` varchar(225) NOT NULL default '', `password` varchar(225) NOT NULL default '', `email` varchar(225) NOT NULL default '', PRIMARY KEY (`user_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;
user_id is the default value that keeps track of users.
username is the users log in name.
password is the users log in password.
email is the users email, so in later versions of the member system, a forgot password can be added.
Our 1st bit of code will be a file named conf.inc.php. This file holds all of our mysql and function data, so we don’t have to enter it over and over.
Breakdown:Code:<?php $db_user = ""; // Username $db_pass = ""; // Password $db_database = ""; // Database Name $db_host = ""; // Server Hostname $db_connect = mysql_connect ($db_host, $db_user, $db_pass); // Connects to the database. $db_select = mysql_select_db ($db_database); // Selects the database. function form($data) { // Prevents SQL Injection global $db_connect; $data = ereg_replace("[\'\")(;|`,<>]", "", $data); $data = mysql_real_escape_string(trim($data), $db_connect); return stripslashes($data); } ?>
The 1st part is all the mySQL information in order to view and insert data.
The 2nd part prevents SQL injection, so people cant gain unauthorized access.
Our next file will be register.php, it will allow users to register an account so they may login and view parts of the website that others cant.
Breakdown:Code:<?php include("conf.inc.php"); // Includes the db and form info. if (!isset($_POST['submit'])) { // If the form has not been submitted. echo "<form action=\"register.php\" method=\"POST\">"; echo "<table>"; echo "<tr>"; echo "<td colspan=\"2\">Register:</td>"; echo "</tr>"; echo "<tr>"; echo "<td width=\"50%\">Username:</td><td width=\"50%\"><input name=\"username\" size=\"18\" type=\"text\" />"; echo "</tr>"; echo "<tr>"; echo "<td width=\"50%\">Password:</td><td width=\"50%\"><input name=\"password\" size=\"18\" type=\"text\" />"; echo "</tr>"; echo "<tr>"; echo "<td width=\"50%\">Email:</td><td width=\"50%\"><input name=\"email\" size=\"18\" type=\"text\" />"; echo "</tr>"; echo "<tr>"; echo "<td colspan=\"2\"><input type=\"submit\" name=\"submit\" value=\"submit\"</td>"; echo "</tr>"; echo "</table>"; echo "</form>"; } else { // The form has been submitted. $username = form($_POST['username']); $password = md5($_POST['password']); // Encrypts the password. $email = form($_POST['email']); if (($username == "") || ($password == "") || ($email == "")) { // Checks for blanks. exit("There was a field missing, please correct the form."); } $q = mysql_query("SELECT * FROM `users` WHERE username = '$username' OR email = '$email'") or die (mysql_error()); // mySQL Query $r = mysql_num_rows($q); // Checks to see if anything is in the db. if ($r > 0) { // If there are users with the same username/email. exit("That username/email is already registered!"); } else { mysql_query("INSERT INTO `users` (username,password,email) VALUES ('$username','$password','$email')") or die (mysql_error()); // Inserts the user. header("Location: login.php"); // Back to login. } } mysql_close($db_connect); // Closes the connection. ?>
We 1st include the database details and make sure the form has not been submitted. If it has not been submitted then we display the register form.
If the form is submitted, we make some variables so we can incorporate the form() function.
We then make sure that the users email or user name are not already in the database.
Then we insert the user into the database and redirect them to the login page.
The next page is login.php.
Breakdown:Code:<?php include("conf.inc.php"); // Includes the db and form info. session_start(); // Starts the session. if ($_SESSION['logged'] == 1) { // User is already logged in. header("Location: index.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { if (!isset($_POST['submit'])) { // The form has not been submitted. echo "<form action=\"login.php\" method=\"POST\">"; echo "<table>"; echo "<tr>"; echo "<td colspan=\"2\">Login:</td>"; echo "</tr>"; echo "<tr>"; echo "<td width=\"50%\">Username:</td><td width=\"50%\"><input name=\"username\" size=\"18\" type=\"text\" />"; echo "</tr>"; echo "<tr>"; echo "<td width=\"50%\">Password:</td><td width=\"50%\"><input name=\"password\" size=\"18\" type=\"text\" />"; echo "</tr>"; echo "<tr>"; echo "<td colspan=\"2\"><input type=\"submit\" name=\"submit\" value=\"submit\"</td>"; echo "</tr>"; echo "</table>"; echo "</form>"; } else { $username = form($_POST['username']); $password = md5($_POST['password']); // Encrypts the password. $q = mysql_query("SELECT * FROM `users` WHERE username = '$username' AND password = '$password'") or die (mysql_error()); // mySQL query $r = mysql_num_rows($q); // Checks to see if anything is in the db. if ($r == 1) { // There is something in the db. The username/password match up. $_SESSION['logged'] = 1; // Sets the session. header("Location: index.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { // Invalid username/password. exit("Incorrect username/password!"); // Stops the script with an error message. } } } mysql_close($db_connect); // Closes the connection. ?>
1st we include the db and function file, and start the session, telling the browser that sessions will be used.
We then make sure the form has not been submitted in order to show the login form.
If the form has been submitted we make 2 variables for user name and password. We encrypt the password with md5() so it is a bit more secure. (To all those who are experts in PHP, you would normally salt a password to make it harder to crack, but for beginners stick with md5())
We then have a query checking the database if any users match the use rname and password, and if there are matches it will be counted in $r.
If there are matches we set a login session.
Now we will make logout.php.
Breakdown:Code:<?php session_unset(); // Destroys the session. header("Location: login.php"); // Goes back to login. ?>
We destroy all sessions and forward the user to the login page.
And last but not least, the page where you want only logged in users to view.
Breakdown:Code:<?php include("conf.inc.php"); // Includes the db and form info. session_start(); // Starts the session. if ($_SESSION['logged'] != 1) { // There was no session found! header("Location: login.php"); // Goes to login page. exit(); // Stops the rest of the script. } echo "This is the main page!"; echo "<br />"; echo "<a href=\"logout.php\">Logout?</a>" ?>
We include the config page.
Check to see if the logged in session is set, otherwise forward user to login page.
Allow the user to log out if needed.
Well thats the basic member system
Thanks to velocity(not allowed to post website).
I dont own any code
IF you are gonna expand please release it to the community as it will be helpful and people might point out stuff that you have not noticed
Instead of using lots of echos. Why not do 1 command all at once.
E.G
[php]
echo "<form action='myphpfile.php' method='POST'>formcode</form>";
[/php]
Just a little tip, but doesn't make much difference
and the password should be like that becouse it will make it so that there is no html in the user submitted information.$username = htmlspecialchars($username);
$pass = mysql_real_escape_string($input);Originally Posted by Ikin
$pass = strip_tags($input);
That way, its impossible to sql inject, and all html tags are removed, if you jsut do html specialchars() It will just remove the HTML characters? amirite.
do it yourself
how to i add login.php in this scrip i get all the time erros
Code:<html><head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"><title>No Limits Content</title> <style> A:Link {color:000000;} <!-- kleur van de link als je er nog niet op hebt geklikt{ } A:Visited {color:000000;text-decoration:none;} <!--kleur van de link die je al bezocht hebt{ } </style> <style type="text/css"> BODY { SCROLLBAR-FACE-COLOR: #D75C03; SCROLLBAR-HIGHLIGHT-COLOR: #CC0000; SCROLLBAR-SHADOW-COLOR: #D75C03; SCROLLBAR-3DLIGHT-COLOR: #D75C03; SCROLLBAR-ARROW-COLOR: #D75C03; SCROLLBAR-TRACK-COLOR: #D75C03; SCROLLBAR-DARKSHADOW-COLOR: #D75C03; } A:link { COLOR: #000000; text-decoration: none; } A:active { COLOR: #000000; text-decoration: none; } A:visited { COLOR: #000000; text-decoration: none; } </style> <style type="text/css"> <!-- .style5 { font-size: 12px; font-family: verdana; } .style8 {font-size: 10px; font-family: verdana; } .style11 {font-size: 10px; font-family: verdana; font-weight: bold; } .style19 {color: #FFFFFF; font-weight: bold; font-family: verdana; font-size: 10px; } .style7 { font-size: 10px; font-family: Verdana; font-weight: bold; } .style22 { font-size: 1px; color: #FFFFFF; } --> </style> </head><body> <table border="0" cellpadding="0" cellspacing="0" width="100%" height="18"> <tbody><tr> <td width="8" height="18"><img src="home_data/left.png" width="8" height="18"></td> <td background="home_data/topbg.png" height="18"><b><font color="#ffffff" size="1" face="Verdana">Logimine</font></b></td> <td width="8" height="18"><img src="home_data/right.png" width="8" height="18"></td> </tr> </tbody></table> <table border="0" cellpadding="0" width="455" height="338"> <tbody> <tr> <td align="middle" valign="top" width="251" height="334"><table id="table9" border="0" cellpadding="0" width="247" height="46"> <tbody> <tr> <td class="style5" id="table" width="243" height="1"><div align="left"> <p align="left"><span class="style8"><br> <br> <br> I WANNA ADD HERE<br> <br> </p> </div></td> </tr> </tbody> </table> </td> <td align="middle" valign="top" width="198" height="334"><table border="0" cellpadding="1" cellspacing="0" width="185"> <tbody> <tr align="middle"> <td><!-- .input { font-family: Verdana; font-size: 8pt} --> </td> </tr> <tr align="middle"> <td class="style5" width="183"><div align="center"><strong class="style7"> <script src="home_data/banner_002.htm"></script><script src="home_data/banner.htm"></script> <br> Foorum</strong><span class="style8"><br> Palun Registeerige <br><a href="#" target="_blank"><strong>Foorumisse</strong></a> </span><span class="style7"><br> </span></div></td> </tr> </tbody> </table> <table id="table10" border="0" cellpadding="0" width="198" height="51"> <tbody> <tr> <td width="3" height="17"> </td> <td width="185" height="17"><table border="0" cellpadding="0" cellspacing="0" width="100%"> <tbody> <tr> <td width="8"><img src="home_data/left.png" alt="l" width="8" height="18"></td> <td background="home_data/topbg.png" width="215"><div class="style19" align="left">Uudised</div></td> <td width="8"><img src="home_data/right.png" alt="l" width="8" height="18"></td> </tr> </tbody> </table></td> <td width="12" height="17"> </td> </tr> <tr> <td valign="top" width="3" height="21"></td> <td id="table" align="middle" valign="top" width="185" height="21"><table border="0" cellpadding="1" cellspacing="0" width="185"> <tbody> <tr align="middle"> <td><!-- .input { font-family: Verdana; font-size: 8pt} --> </td> </tr> <tr align="middle"> <td class="style5" width="183"><div align="left"> <div align="left"><span class="style8">Check these out: <br> <br> - <a href="#" target="_blank"><strong>[16.03.09]Koduleht</strong></a><br> - <a href="" target="main">Rohkem Uuendusi Pole</a><br> </span></div> </div></td> </tr> </tbody> </table> <div class="style8" align="right"> <div align="left"></div> </div></td> <td valign="top" width="12" height="21"></td> </tr> </tbody> </table> </td> </tr> </tbody> </table> <div align="center"><!-- News Powered by CuteNews: http://cutephp.com/ --></div> <style type="text/css"> <!-- .style1 {font-family: Verdana, Arial, Helvetica, sans-serif} --> </style> <font size="1" face="Verdana, Arial, Helvetica, sans-serif"></font><center> <font size="1" face="Verdana, Arial, Helvetica, sans-serif"><font size="1" face="Verdana, Arial, Helvetica, sans-serif"> <table id="table10" border="0" cellpadding="0" width="198" height="51"> <tbody> <tr> <td width="3" height="17"> </td> <td width="185" height="17"><table border="0" cellpadding="0" cellspacing="0" width="100%"> <tbody> <tr> <td width="8"><img src="home_data/left.png" alt="l" width="8" height="18"></td> <td background="home_data/topbg.png" width="1000"><div class="style19 style1" align="left"><font size="1">No Limits </font></div></td> <td width="8"><img src="home_data/right.png" alt="l" width="8" height="18"></td> </tr> </tbody> </table> <br> <table border="0" width="100%"> <tbody><tr> <td width="50%"><p class="style1" align="left"><font size="1">Tere Tulemast No Limits kodulehele.<br> mäng on alles uus niiet midagi pole veel valmiski saanud, täiendan kodulehte, kui leht saab ära fixitud siis panen loomulikult ka mängu püsti. <img src="home_data/gemual.png" align="left">Nagu olete märkanud on meil siin raadio ka, hetkene raadio on "Power Hit Radio".<br> Kui kellegil on oma raadio olemas ning on soovi, et see raadio siin mängiks palume ühendust võtta webmasteriga.</font></p> <font size="1"> </font><p align="left"><span class="style1"><font size="1"><img src="home_data/russalcho.PNG" align="right" width="50" height="95"></font></span><font size="1"><br> </font> </p></td> <td width="50%"> </td> </tr> </tbody></table> </td></tr></tbody></table></font></font></center></body></html>
or use heredoc:
Code:$string = <<<EOF line1 line2 line3 EOF;
Very nice, I will be trying it after my vacantion.
Can I edit the code, tough..?
ya why not?
I swear, everytime someone releases something nice people will say "use this: instead of this.." .. or "dont use that, use this".. "oh you dont have to do that, you can do this:"
SO RETARDED. IF IT WORKS, ITS FINE. FFS.
hes a beastly programmer leave at that. ur just jealous.
GREAT JOB SUBBY!
| « [CHEAP] Website Development Service | Sams teach yourself php in 24 hours! the best beginners book.. » |
| Thread Information |
Users Browsing this ThreadThere are currently 1 users browsing this thread. (0 members and 1 guests) |
