Member Registration And Login System

[NeoCodes]

I do not get the database variable. What is a database variable? It Says:

insert the following code into the file and change the database variables to match yours.
and then another thing says to insert a code to phpadmin. where is that. everythime i click phpadmin
on zymic it just wants me to login. HELP!! I DONT GET THIS STUFF..

[krazytaco]

I do not get the database variable. What is a database variable? It Says:

insert the following code into the file and change the database variables to match yours.

Those details are how you connect to your database

CODE

$db_engine = 'mysql';
$db_user = 'username';
$db_pass = 'password';
$db_host = 'hostname';
$db_name = 'database name';

The Engine is which database you use, so if for example you use MySQL, you put "mysql".
User is the username to connect to the database
Password is the password
Host is the address where you can reach your server at
Name is the name of the database within the server you want to use


Anyways, my login.php looks like this.


Edit: Fixed the problem, I had misnamed a variable within check_login.php

[NeoCodes]

Those details are how you connect to your database

CODE

$db_engine = 'mysql';
$db_user = 'username';
$db_pass = 'password';
$db_host = 'hostname';
$db_name = 'database name';

The Engine is which database you use, so if for example you use MySQL, you put "mysql".
User is the username to connect to the database
Password is the password
Host is the address where you can reach your server at
Name is the name of the database within the server you want to use
Anyways, my login.php looks like this.

CODE

<?php

// database connect script.

require 'includes/include_connect.php';

if($logged_in == 1) {
    die('You are already logged in, '.$_SESSION['username'].'.');

}

?>
<html>
<head>
<title>Login</title>
</head>
<body>
<?php

if (isset($_POST['submit'])) { // if form has been submitted

    /* check they filled in what they were supposed to and authenticate */
    if(!$_POST['uname'] | !$_POST['passwd']) {
        die('You did not fill in a required field.');
    }

    // authenticate.

    if (!get_magic_quotes_gpc()) {
        $_POST['uname'] = addslashes($_POST['uname']);
    }

    $qry = "SELECT username, password FROM ransom_users WHERE username = '".$_POST['uname']."'";
    $check = $db_object->query($qry);

    if (DB::isError($check) || $check->numRows() == 0) {
        die('That username does not exist in our database.');
    }

    $info = $check->fetchRow();

    // check passwords match

    $_POST['passwd'] = stripslashes($_POST['passwd']);
    $info['password'] = stripslashes($info['password']);
    $_POST['passwd'] = md5($_POST['passwd']);

    if ($_POST['passwd'] != $info['password']) {
        die('Incorrect password, please try again.');
    }

    // if we get here username and password are correct,
    //register session variables and set last login time.

    $date = date('m d, Y');

    $qry = "UPDATE ransom_users SET last_login = '$date' WHERE username = '".$_POST['uname']."'";
    $update_login = $db_object->query($qry);

    $_POST['uname'] = stripslashes($_POST['uname']);
    $_SESSION['username'] = $_POST['uname'];
    $_SESSION['password'] = $_POST['passwd'];
    $db_object->disconnect();
?>

<h1>Logged in</h1>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in.</p>
<meta http-equiv="REFRESH" content="0;url=http://www.two47youth.com/index.php"></HEAD>

<?php

} else {    // if form hasn't been submitted

?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td>
<input type="text" name="uname" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="passwd" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
</body>
</html>

im using zymic hosting. my website is neocodes.clanteam.com would you like to set up my php for me? i just dont get it whatsoever.

[wozzym]

its not too hard. but im sure someone wouldnt mind doing it.

[uncled1023]

hm, i checked out your site, and it looks like you are trying to use a php code on a .html page. if you are using ANY php on that page, it HAS to be a .php page.

[oziyn]

ok im geting a db connection error when i try accesing any of the pages i just made

[oziyn]

why tha frig am i getting this

Parse error: syntax error, unexpected '.' in /www/99k.org/s/i/n/sinfull/htdocs/members/db_connect.php on line 15

[uncled1023]

in your db_connect.php, you have a period somewhere where it doesnt belong.

ok im geting a db connection error when i try accesing any of the pages i just made

do you have your database username and password right in your db_connect.php?

[oziyn]

well actually i hav the period right after the passowrd like you have in ur guide
and is it my zymic username and pass or is it my db user and pass?

this is what i have on mine

CODE

<?php

//require the PEAR:B classes.

require_once 'DB.php';

$db_engine = 'mysql';
$db_user = 'username';
$db_pass = 'password';
$db_host = 'localhost';
$db_name = 'database';

$datasource = $db_engine = 'mysql';
$db_user = 'sinfull_99k_org_chill';
$db_pass = '*********';.
$db_host = 'localhost';
$db_name = 'sinfull_99k_org_chill';

$db_object = DB::connect($datasource, TRUE);

/* assign database object in $db_object,

if the connection fails $db_object will contain

the error message. */

// If $db_object contains an error:

// error and exit.

if(DB::isError($db_object)) {
die($db_object->getMessage());
}

$db_object->setFetchMode(DB_FETCHMODE_ASSOC);

//
include('check_login.php');

[RoteX]

Hey,

I must be retarded or something... i can't get to Step3, im stuck at Step2.
Can't import this to phpMyAdmin,

CODE

CREATE TABLE users (
id int(10) DEFAULT '0' NOT NULL auto_increment,
username varchar(40),
password varchar(50),
regdate varchar(20),
email varchar(100),
website varchar(150),
location varchar(150),
show_email int(2) DEFAULT '0',
last_login varchar(20),
PRIMARY KEY(id))

So, i tryed to do it manualy.. still the same error there,

CODE

CREATE TABLE `users` (
`id` INT( 10 ) NOT NULL DEFAULT '0' AUTO_INCREMENT ,
`username` VARCHAR( 40 ) NOT NULL ,
`password` VARCHAR( 50 ) NOT NULL ,
`regdate` VARCHAR( 20 ) NOT NULL ,
`email` VARCHAR( 100 ) NOT NULL ,
`website` VARCHAR( 150 ) NOT NULL ,
`location` VARCHAR( 150 ) NOT NULL ,
`show_email` INT( 2 ) NOT NULL DEFAULT '0',
`last_login` VARCHAR( 20 ) NOT NULL
) TYPE = innodb

MySQL :
#1067 - Invalid default value for 'id'

Some help would be nice.

Edit: It's fixed.

[evolution815]

Hmm... ive found a couple of sites with guides on how to make a login

And well this seems to be the most handle but Might Lack in explaining the content your using.

As yeah i know what each thing does,

But some people might not know why your writing in, what does this mean


But hey, this is just just plain and simple which is good enough for me.



Are you going to add a guide on how to control the prevliges giving for your members, such as if you have registered then you can't view this webpage, or make a blog Etc...

[oziyn]

yo is any1 here gonna help me with my question???
im dieing here
ii have everything done but.........its got error on line 15 ffs
and the number of the line changes when i move the period to dif lines.ive tried on different lines and none of them work but when i take it off i get db connection error
and yes i have tried putting it at the end

plzzz help me ppls

[uncled1023]

ok, right after you password, you dont needd that period at the end of the line...

[oziyn]

it doesnt work at all then...><

[uncled1023]

ok, i see your problem. you put your password and username info in the wrong part...

CODE

<?php

//require the PEAR::DB classes.

require_once 'DB.php';

$db_engine = 'mysql';
$db_user = 'username';
$db_pass = 'password';
$db_host = 'localhost';
$db_name = 'database';

$datasource = $db_engine.'://'.
              $db_user.':'.
              $db_pass.'@'.
               $db_host.'/'.
                $db_name;

$db_object = DB::connect($datasource, TRUE);

/* assign database object in $db_object,

if the connection fails $db_object will contain

the error message. */

// If $db_object contains an error:

// error and exit.

if(DB::isError($db_object)) {
    die($db_object->getMessage());
}

$db_object->setFetchMode(DB_FETCHMODE_ASSOC);

// we write this later on, ignore for now.

include('check_login.php');

?>

the "username" should change to your username, and the "password" should change to your password, anbd the "database should change to your database.

[GBE]

I did it but when i try to register it says no such table. If you can fix this it would be greatly appreciated, to login to my sql manager i goto http://cpanel.0lx.net my username is 0lx_1725306 and my password is willo35207, htan goto control panel then sql databases. you should se a list clickm on the admin button under woospace. thanks

[oziyn]

ok first of all im about to try that. thank u very much for taking ur time to help me and second...
buddy....that wasnt smart dont giv ur user and pass to ppl just like that..
im not saying i wud....im a nice person and all but rly......reality is that there are some asswipes who will go on that and completely wipe all ur stuff wich wudnt be very cool...

just saying... wach out

peace

edit: omfg thank u so much it actually woked omfg i love u!!!!lol

thx bud

2nd edit: im gonna go get that second profile thing u added....

[uncled1023]

I did it but when i try to register it says no such table. If you can fix this it would be greatly appreciated, to login to my sql manager i goto http://cpanel.0lx.net my username is 0lx_1725306 and my password is willo35207, htan goto control panel then sql databases. you should se a list clickm on the admin button under woospace. thanks

ok, ill check it out, but remember NEVER to give out your username and password... send it in a pm or something.

ok, you never made the users table. all you have it a whoospace members table, and it doesnt have the fields in it. so first, make a new table and call it users, and add the correct fields.

[bezz]

This script is vulnerable to both mysql and XSS exploits.

[GBE]

What are the correct fields?