Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 12 of 12

Thread: Member Login

  1. #1
    Regular Coder
    Join Date
    Jul 2002
    Location
    Earth
    Posts
    113
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Unhappy Member Login

    Hi, i've just started using php, which I love. I saw the member login info on the www.phpbeginner.com page. it didn't work at all. in fact, i contacted the author of the info and he tried to help me. He even promised to make me an htacess script. So far, it's been 3 months, no script. sooo, i've come to you wise people.

    i just want to use cookies to keep a person logged in. That's all. I want that they sign up to be a member, and once a memeber, they can browse around the site.

    how do i do that?

    oh, and i want to make sure they don't enter pages if they are not logged in. of course.....
    Life is funny, especially when you're poor.

  • #2
    New Coder
    Join Date
    Jul 2002
    Location
    Regina, Saskatchewan, Canada
    Posts
    35
    Thanks
    0
    Thanked 0 Times in 0 Posts
    First, you need to have the form. I will create a basic one here.

    <form name="login" action="login.php" method=post>
    Username: <input type=text name="user"><br>
    Password: <input type=password name="pass"><br>
    <input type=submit value="Submit!">
    </form>

    Once you've had the form submitted, the variables will automatically be processed. So, $user would be the user field, and $pass would be the pass field.

    To set a cookie, the function is setcookie(). Example:

    setcookie("name","value","expire");

    So, in login.php you would put something like this:

    <?php
    if ($user == 'username' && $pass == 'password') {
    setcookie("loggedin",$user,time()+3600);
    echo "Correct! You are logged one!";
    } else {
    echo "Invalid username or password!";
    }
    ?>

    Remember... You said you were a newbie that's the only reason I gave a semi-detailed explaination - it's because I think your an idiot just to let you know.
    Jared Brandt
    IKinsler

  • #3
    Regular Coder
    Join Date
    Jul 2002
    Location
    Earth
    Posts
    113
    Thanks
    0
    Thanked 0 Times in 0 Posts
    you think i'm an idiot? or did you mean 'not because i think...' ?

    ah who cares?

    Thanks for the code!

    *smile*
    Last edited by Trusten; 07-12-2002 at 07:56 PM.
    Life is funny, especially when you're poor.

  • #4
    Regular Coder
    Join Date
    Jul 2002
    Location
    Earth
    Posts
    113
    Thanks
    0
    Thanked 0 Times in 0 Posts
    btw, when they visit other pages, how will it make sure they are logged in? as you said, i'm a newbie.
    Life is funny, especially when you're poor.

  • #5
    Regular Coder
    Join Date
    Jul 2002
    Location
    U.S. (Wish Japan though)
    Posts
    141
    Thanks
    0
    Thanked 0 Times in 0 Posts
    time()+3600
    I know I should just read a tutorial, or I will get called an idiot too, but....

    What does the time()+3600 do exactly? sets a time limit for them to be logged in?

    And I am along with Trusten... How do you make sure they are still logged in?

    Also, how do you make it so they get logged ou if they close the browser?

  • #6
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,075
    Thanks
    11
    Thanked 98 Times in 96 Posts
    time() gives the current unix timestamp i.e. now +3600 seconds so the cookie should last for 1 hour


    + I think IKinsler meant to say something like idiot-proof , probably with no slur intended??? hopefully

    to track your users in other pages Trusten, add this either to all pages you wish to protect, or in an included file

    PHP Code:
    <?
    if(!isset($HTTP_COOKIE_VARS[loggedin])){
    header("location:login.html");
    }
    ?>
    note that sessions are more reliable though so follow spooksters links!
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #7
    Regular Coder
    Join Date
    Jul 2002
    Location
    Earth
    Posts
    113
    Thanks
    0
    Thanked 0 Times in 0 Posts
    whoo hoo!

    thank you!


    yeah, i'm sure he meant nothing by it. but those links are great.

    thanks a lot!


    oh, did i mention that I love you guys?

    *tear*
    Life is funny, especially when you're poor.

  • #8
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Cool

    Cool Firepages , that worked great. I have been looking for something like this for ages.

    Matt

  • #9
    Regular Coder
    Join Date
    Apr 2003
    Location
    Matewan, WV
    Posts
    201
    Thanks
    0
    Thanked 1 Time in 1 Post
    ok..so this script works extremely well for what im doing...the only thing is..i need to add more than one user which would mean several diff passwords and usernames. How would i do that?

  • #10
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts

    using a database...

    I have advanced quite alot since I last posted in this thread

    I am hoping you have a database, if not, then there are other ways.

    Using a database:

    Right, create a table in your database called users, or something like that. To make this process more secure than cookies, you may also wish to use sessions...

    make sure the table `users` has the Coluns

    Username | Password | UserId

    Now for the PHP:

    First, the login form page:

    Code:
    <form name="whatever" action="cnf_login.php" method="post">
    Username: <input type="text" name="username" /><br />
    Password: <input type="password" name="pass" /><br />
    <input type="submit" value="Login" />
    </form>
    Now the cnf_login.php file...

    PHP Code:

    session_start
    (); // Starts a PHP session

    $DBuser 'database_user_name'// Database username
    $DBpass 'database_password'// Database password
    $DBhost 'database_host'// Database host, usually localhost
    $DBbase 'database_name'// Database name to use

    $db = @mysql_connect($DBhost,$DBuser,$DBpass) or die('Failed Connection');
    @
    mysql_select_db($DBbase,$db) or die('Database not found');

    $find_user_query "SELECT * FROM `users` WHERE Username='".$_POST['username']."' AND Password='".$_POST['password']."';";

    $find_user mysql_query($find_user_query);

    if(
    mysql_num_rows($find_user) == 1// If a user match is found
    {
          
    $_SESSION['loggedin'] = true;
          
    setcookie('user',$_POST['username'],time()+3600);

          
    $USER mysql_fetch_array($find_user_query);

          
    setcookie('userid',$USER['UserId'],time()+3600);
    }
    else
    {
          echo 
    'User or pass incorrect';

    You can then test for logged in by doing:

    PHP Code:

    session_start
    ();

    if(!isset(
    $_SESSION['loggedin']) || !isset($_COOKIE['user']) || !isset($_COOKIE['userid']))
    {
    // They are not logged in

    This code was quickly written so there may be bugs, if you need more help, or if you dont use mysql, post back or PM me.

  • #11
    Regular Coder
    Join Date
    Apr 2003
    Location
    Matewan, WV
    Posts
    201
    Thanks
    0
    Thanked 1 Time in 1 Post
    id rather not use sql

  • #12
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Right what I would do ( this is what I did on my first php website when I did not have mysql ) is use several text files....

    I will use the example of my username being user and my password being pass.

    For each user, if you create a file called user_pass.txt ( the users username followed by their password, separated by an underscore, and place it behind your www directory, so inaccessable by a URL.

    eg...

    PHP Code:
    <?php

    if(file_exists("../users/".$_POST['username']."_".$_POST['password'].".txt"))
    {
        
    // Do login stuff
    }
    else
    {
       
    // Failed login
    }
    ?>


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •