Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New to the CF scene
    Join Date
    Feb 2007
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    PHP Register/login help needed

    Hi all,

    I'm trying to implement a registration and login system on my website. I have been trying to follow a tutorial on the web which partially works. I created my database in mysql which works fine. i have a html file that contains the form for the user to register. that form then activates a php form to take the users data and insert it in the database.

    My first problem is that if the same username is submitted twice an error is produced by php. the second problem i have is that once the form is submitted by the user the code just outputs some text instead of diverting to another html file that says login unsuccessful. also if a valid record is added i need the php code to call a html file that states the login is successful.

    The second problem is that i need my html login file to go to a html page that says login successful if the user entered the correct details. it would also need to go to a different html file that said login unsuccessful if the wrong details were entered.

    The last problem is that the session code in the login.php file does not work so I have commented it out.

    Here is the code so far:

    MySQL

    CREATE TABLE users (
    id int(10) unsigned NOT NULL auto_increment,
    username varchar(15) NOT NULL default '',
    password varchar(15) NOT NULL default '',
    email varchar(40) NOT NULL default '',
    PRIMARY KEY (id)
    ) TYPE=MyISAM;

    index.html

    <head>
    </head>

    <p><a href="login.html">Login</a> <a href="registration.html">Register</a></p>




    registration.html




    <form name="login" method="post" action="register.php">
    <table border="0" width="225" align="center">
    <tr>
    <td width="219" bgcolor="#999999">
    <p align="center"><font color="white"><span style="font-size:12pt;"><b>Registration</b></span></font></p>
    </td>
    </tr>
    <tr>
    <td width="219">
    <table border="0" width="282" align="center">
    <tr>
    <td width="116"><span style="font-size:10pt;">Name:</span></td>
    <td width="156"><input type="text" name="name" maxlength="100"></td>
    </tr>
    <tr>
    <td width="116"><span style="font-size:10pt;">Email:</span></td>
    <td width="156"><input type="text" name="email" maxlength="100"></td>
    </tr>
    <tr>
    <td width="116"><span style="font-size:10pt;">Username:</span></td>
    <td width="156"><input type="text" name="username"></td>
    </tr>
    <tr>
    <td width="116"><span style="font-size:10pt;">Password:</span></td>
    <td width="156"><input type="password" name="password"></td>
    </tr>
    <tr>
    <td width="116">&nbsp;</td>
    <td width="156">
    <p align="right"><input type="submit" name="submit" value="Submit"></p>
    </td>
    </tr>
    </table>
    </td>
    </tr>
    <tr>
    <td width="219" bgcolor="#999999">&nbsp;</td>
    </tr>
    </table>
    </form>



    register.php


    PHP Code:
    <?PHP

    //Database Information

    $dbhost "myhost";
    $dbname "mydatabase";
    $dbuser "myusername";
    $dbpass "mypassword";

    //Connect to database

    mysql_connect $dbhost$dbuser$dbpass)or die("Could not connect: ".mysql_error());
    mysql_select_db($dbname) or die(mysql_error());

        
    $name $_POST['name'];
    $email $_POST['email'];    
    $username $_POST['username'];
    $password md5($_POST['password']);

    // lets check to see if the username already exists

    $checkuser mysql_query("SELECT username FROM users WHERE username='$username'"); 

    $username_exist mysql_num_rows($checkuser);

    if(
    $username_exist 0){
        echo 
    "I'm sorry but the username you specified has already been taken.  Please pick another one.";
        unset(
    $username);
        include 
    'register.html';
        exit();


    // lf no errors present with the username
    // use a query to insert the data into the database.

    $query "INSERT INTO users (name, email, username, password)
    VALUES('$name', '$email', '$username', '$password')"
    ;
    mysql_query($query) or die(mysql_error());
    mysql_close();

    echo 
    "You have successfully Registered";
        
    ?>

    login.html


    <form name="login" method="post" action="login.php">
    <table border="0" width="225" align="center">
    <tr>
    <td width="219" bgcolor="#999999">
    <p align="center"><font color="white"><span style="font-size:12pt;"><b>Login</b></span></font></p>
    </td>
    </tr>
    <tr>
    <td width="219">
    <table border="0" width="220" align="center">
    <tr>
    <td width="71"><span style="font-size:10pt;">Username:</span></td>
    <td width="139"><input type="text" name="username"></td>
    </tr>
    <tr>
    <td width="71"><span style="font-size:10pt;">Password:</span></td>
    <td width="139"><input type="password" name="password"></td>
    </tr>
    <tr>
    <td width="71">&nbsp;</td>
    <td width="139">
    <p align="right"><input type="submit" name="submit" value="Submit"></p>
    </td>
    </tr>
    </table>
    </td>
    </tr>
    <tr>
    <td width="219" bgcolor="#999999"><font color="white">Not Registered? </font><a href="registration.html" target="_self"><font color="white">Register</font></a><font color="white"> </font><b><i><font color="white">Now!</font></i></b></td>
    </tr>
    </table>
    </form>




    login.php


    PHP Code:
    <?php

    //Database Information

    $dbhost "myhost";
    $dbname "mydatabase";
    $dbuser "myusername";
    $dbpass "mypassword";

    //Connect to database
    $connection mysql_connect($dbhost$dbuser$dbpass)or die("Could not connect: ".mysql_error());
    mysql_select_db($dbname) or die(mysql_error());

    session_start();
    $username $_POST["username"];
    $password md5($_POST["password"]);

    $checkuser mysql_query("SELECT username FROM users WHERE username='$username' and password='$password'"); 

    $username_exist mysql_num_rows($checkuser);

    if(
    $username_exist 0){
        echo 
    "login successfull";
    } else {
        echo 
    "login does not exist";
    }

    #$query = "select * from users where username='$username' and password='$password'";

    #$result = mysql_query($query,$connection);
    #$num_rows = mysql_num_rows($result);

    #if ($num_rows == 0) {
    #$error = "Bad Login";
    #echo "error";
     #   include "login.html";

    #} else {
    #    $_SESSION["username"] = "$username";
    #    include "memberspage.php";
    #echo "success";
    #}

    ?>

    Sorry for the longwinded explaination and I hope I was clear. I would really appriciate some help on this.

    Regards
    Last edited by cobe123; 02-22-2007 at 10:42 AM.

  • #2
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,107
    Thanks
    2
    Thanked 326 Times in 318 Posts
    Please go back and edit your post and wrap the code for each file in "PHP" code wrappers. It is extremely difficult to read a mass of code and determine where one file stops and the next one starts when you don't use the PHP code wrappers.

    You can do this by selecting/highlighting each section of code and click on the "PHP" icon. This is the white rectangular paper symbol with the "php" on it, located at the right-hand end of the row of icons above the text area where you enter your post.

    Edit: One thing that I did notice that is causing one of your problems. The register.php file contains the following line -
    PHP Code:
    include 'register.html'
    However, the file name you listed for the first piece of code is - registration.html. I suspect that the include statement should match the file name of the first piece of code.
    Last edited by CFMaBiSmAd; 02-22-2007 at 12:54 AM.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #3
    New to the CF scene
    Join Date
    Feb 2007
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have added the php code wrappers to the code I posted. I would appriciate any further input.

  • #4
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,519
    Thanks
    114
    Thanked 110 Times in 109 Posts
    For hashing I suggest using sha1() with your php and downloading a javascript sha1 funstion also then hashing the password before the form is submitted.

    I also suggest adding a salt string to the hash. If I were you I would implement this first before continuing

    Any how I do have some md5 based login systems at home I can find the code for you later?
    You can not say you know how to do something, until you can teach it to someone else.

  • #5
    New to the CF scene
    Join Date
    Feb 2007
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I would appriciate your code as my knowledge of php is not as in depth as yours.

  • #6
    Senior Coder
    Join Date
    Jan 2007
    Posts
    1,648
    Thanks
    1
    Thanked 58 Times in 54 Posts
    One concept to move away from is using each .php file as a single step in a process.

    Instead of that, create a .php file that submits to itself. Before displaying anything, check if the user tried to submit. If yes, validate the input. If it validates, use header() to forward to the next page (the succesful login).

    If it didn't validate, print the same page with the username already filled in (since you know this now) and also include the message that the username or password was incorrect.


    PHP Code:
    if (isset($_REQUEST['login'])) {
        
    /* ... validate login here ... */
        
    if ($valid) {
            
    header('Location: succesful.php');
        } else {
            
    $message "Invalid username or password.";
        }

    Code:
    <?php
    if (isset($message)) {
        echo $message;
    }
    <form action="login.php">
    <input type="text" name="username" value="<?php echo (isset($_REQUEST['username']?$_REQUEST['username']:'');?>" />
    <input type="password" name="password" />
    <input type="submit" name="login" value="Login" />
    </form>


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •