Can anyone help me with a login script shown on, for example, index.php in a table. When the user logs in, index.php reloads but then shows Welcome, *username* [user pic]. If login fails it reloads index.php but shows an error message. Anyone shed some light? i need it for my online community site.
Andy
Full Version: Login Script
It's not that hard to do, first of all you need a database (ideally) to store the users' details. Then, you need to plan out what information you need to store, a simplified example would be:
Where username is the primary key, and a unique string and password is a fixed length string which cannot be null. Then, you create a registration form, which validates input, checks if the username is taken, and salts and hashes the password. If the input is all well and good then we use an INSERT statement to add that user to the database. The next part is working out a login system. We would take their username and password, hash the password as it was hashed before and sanitise the username then use a SELECT to see if the user exists with that username/password combination. If yes then we log them in. The actual logging in can be done in two ways, the first being a session, and the other being pure cookies (sessions use a cookie, but that is automated so they can be seen as separate). You'll want to look into the security implications of each method and make a choice based on those.
Then, on that page you were describing you could check for a valid login, if we've got one then display a welcome message and if not redirect away and kill the page.
"How to make a login" is really as vague as my answer, and I don't want to write an essay right now. So have a read of the above and if you get stuck then ask some specific questions.
QUOTE
tblUsers(username, password)
Where username is the primary key, and a unique string and password is a fixed length string which cannot be null. Then, you create a registration form, which validates input, checks if the username is taken, and salts and hashes the password. If the input is all well and good then we use an INSERT statement to add that user to the database. The next part is working out a login system. We would take their username and password, hash the password as it was hashed before and sanitise the username then use a SELECT to see if the user exists with that username/password combination. If yes then we log them in. The actual logging in can be done in two ways, the first being a session, and the other being pure cookies (sessions use a cookie, but that is automated so they can be seen as separate). You'll want to look into the security implications of each method and make a choice based on those.
Then, on that page you were describing you could check for a valid login, if we've got one then display a welcome message and if not redirect away and kill the page.
"How to make a login" is really as vague as my answer, and I don't want to write an essay right now. So have a read of the above and if you get stuck then ask some specific questions.
Cheers =] thats helped me a bit. know any good sites where i can get a tutorial on it?
You can try some tutorials here http://www.pixel2life.com/search/php_codin...gin%20system/1/
There's 2 ways of doing this. Follow system 1 if you already have a members system and follow system 2 if you don't.
System 1: ~ Already have a members system
System 2: ~ Don't have a member system
Notes://
The above code only works with the variables $username and $userpic. If these aren't the variables used in your codes then you will need to edit them. Also, do not forget to add your Check login script in the function loggedin.
System 1: ~ Already have a members system
- Simply use a IF/ else if/ ELSE statement. Should look something like below.CODE<?
/**
Check login and Display welcome
**/
function loggedin (){
...your login check here...
}
if (loggedin){ // If logged in successfully
echo '<b>Welcome</b>, $username <div id=\"userpic\"><img src=\"$userpic\"></div>'
}
else if (!loggedin){ // If error in logging in
echo '<em>There was an error logging in</em>'
}
else{ // If not logged in
echo '<b>Welcome</b>, <i>guest</i>.'
}
?>
System 2: ~ Don't have a member system
- Follow Alex's Post then read System 1! (
bet you thought there would be something different here huh)
Notes://
The above code only works with the variables $username and $userpic. If these aren't the variables used in your codes then you will need to edit them. Also, do not forget to add your Check login script in the function loggedin.
I don't understand the purpose of your if/elseif/else there, assuming that loggedin() returns boolean (which is a reasonable assumption) the final branch of the if tree will never be entered, because there are not three possible states.
Also, short-tags (<?) are bad, don't use them on the forums please. Things written here should have portability in mind, and using short-tags automatically renders your script useless on more strict configurations (I for example do not enable short-tags on my local server, it would not work there).
if(loggedin) should be if(loggedin()) because otherwise it takes the constant "loggedin", which is undefined - so it takes the name of the constant as the value - thus always returns true. Try it:
You've also missed a whole load of semicolons there.
Really, I don't see what this contributes, an excerpt of broken code which doesn't explain anything and leaves all of the stuff he was asking about out completely (such as creating the member system and the content of the loggedin() function)...
Also, short-tags (<?) are bad, don't use them on the forums please. Things written here should have portability in mind, and using short-tags automatically renders your script useless on more strict configurations (I for example do not enable short-tags on my local server, it would not work there).
if(loggedin) should be if(loggedin()) because otherwise it takes the constant "loggedin", which is undefined - so it takes the name of the constant as the value - thus always returns true. Try it:
CODE
<?php
function test()
{
return false;
}
echo (test) ? 'true' : 'false'; // outputs "true"
?>
function test()
{
return false;
}
echo (test) ? 'true' : 'false'; // outputs "true"
?>
You've also missed a whole load of semicolons there.
Really, I don't see what this contributes, an excerpt of broken code which doesn't explain anything and leaves all of the stuff he was asking about out completely (such as creating the member system and the content of the loggedin() function)...
I was kinda wingin the code layout because I was at school. Also I *personally* don't like to do what I stated above but that's what I see happening in most login scripts now-a-days. I perfer to use cookies to store the data then use a simple varable to call the data back.
CODE
<?php
if($session->logged_in){
echo '<div id="updates" class="boxed">';
echo '<h2 class="title">Member Tools</h2>';
echo '<div class="content">';
echo '<center>';
echo '[<a href="http://firestudios.zxq.net/upload/index.php" title="Image Upload">Image Upload</a>] ';
echo '[<a href="http://firestudios.zzl.org/upload/index.php" title="General File Upload">File Upload</a>]';
echo '</center>';
echo '</div>';
echo '</div>';
}
?>
if($session->logged_in){
echo '<div id="updates" class="boxed">';
echo '<h2 class="title">Member Tools</h2>';
echo '<div class="content">';
echo '<center>';
echo '[<a href="http://firestudios.zxq.net/upload/index.php" title="Image Upload">Image Upload</a>] ';
echo '[<a href="http://firestudios.zzl.org/upload/index.php" title="General File Upload">File Upload</a>]';
echo '</center>';
echo '</div>';
echo '</div>';
}
?>
CODE
<?php
if($session->logged_in)
{
?>
<div id="updates" class="boxed">
<h2 class="title">Member Tools</h2>
div class="content">
<center>
[<a href="http://firestudios.zxq.net/upload/index.php" title="Image Upload">Image Upload</a>]
[<a href="http://firestudios.zzl.org/upload/index.php" title="General File Upload">File Upload</a>]
</center>
</div>
</div>
<?php
}
?>
if($session->logged_in)
{
?>
<div id="updates" class="boxed">
<h2 class="title">Member Tools</h2>
div class="content">
<center>
[<a href="http://firestudios.zxq.net/upload/index.php" title="Image Upload">Image Upload</a>]
[<a href="http://firestudios.zzl.org/upload/index.php" title="General File Upload">File Upload</a>]
</center>
</div>
</div>
<?php
}
?>
Much cleaner.
CODE
<?php require ("config/config.inc.php");
$member_tbl = $table_prefix . "_member";
$login=$_POST["login"];
$password = $_POST['password2'];
mysql_connect($server,$user,$pass);
mysql_select_db($base);
$sql = "SELECT * FROM $member_tbl WHERE login='$login' AND password='$password'" or die("error with the database");
$res = mysql_query($sql);
$exist = mysql_num_rows($res);
if(!$exist){
print'<table cellspacing="0px" cellpadding="0"><tr><td class="content_top">Connexion error</td></tr>';
print'<tr><td class="content_middle">Please check your login or your pass</td></tr>';
print'<tr><td class="content_bottom"></td></tr></table>';
}
else{
$data= mysql_fetch_assoc($res);
session_start();
$_SESSION['login'] = $data['login'];
include"action/connect.php";
}
?>
$member_tbl = $table_prefix . "_member";
$login=$_POST["login"];
$password = $_POST['password2'];
mysql_connect($server,$user,$pass);
mysql_select_db($base);
$sql = "SELECT * FROM $member_tbl WHERE login='$login' AND password='$password'" or die("error with the database");
$res = mysql_query($sql);
$exist = mysql_num_rows($res);
if(!$exist){
print'<table cellspacing="0px" cellpadding="0"><tr><td class="content_top">Connexion error</td></tr>';
print'<tr><td class="content_middle">Please check your login or your pass</td></tr>';
print'<tr><td class="content_bottom"></td></tr></table>';
}
else{
$data= mysql_fetch_assoc($res);
session_start();
$_SESSION['login'] = $data['login'];
include"action/connect.php";
}
?>
To login on with a session
and after you are login in you need to put in the header of your page between <head></head> or in the header of your script
CODE
<?php session_start();?>
and for the member area
CODE
<?php
//if the member is not logged in
if(!session_is_registered(login)){
print'blablabla';
}
//if the member is already logged in
else{
print'blablabla';
}
?>
//if the member is not logged in
if(!session_is_registered(login)){
print'blablabla';
}
//if the member is already logged in
else{
print'blablabla';
}
?>
i have a tutorial in the tutorial section if you still need it...
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.