Need help with database
Posted: Sat Jan 22, 2011 2:51 pm
I've been following tutorials on youtube from php academy and they're excellent tutorials, everything that I've dones from the tutorials has worked up until this point. I was following his tutorial on encrypting a users password when they register and it worked, then once they've registered it says please continue to the login page. So I tested it and logged in and it said logged in successfully, please click here to continue to your account. When I click the link it goes to the account page but it says I must login. I'm wondering where I've gone wrong but here is all the code and I'll name each page that the code is on. Thanks for your time and help in advance. I also changed the open database info. and some other personal info.
pages
register.php
html registration form in register.php
signin.php
login.php
myaccount.php
logout.php
pages
register.php
Code: Select all
<?php
$submit = $_POST['submit'];
//form data
$name = strip_tags($_POST['name']);
$email = strip_tags($_POST['email']);
$phone = strip_tags($_POST['phone']);
$username = strtolower(strip_tags($_POST['username']));
$password = strip_tags($_POST['password']);
$repeatpassword = strip_tags($_POST['repeatpassword']);
$date = date("Y-m-d");
if (submit)
{
//open database
$connect = mysql_connect("localhost","r2d2","1234");
mysql_select_db("phplogin"); //select database
$namecheck = mysql_query("SELECT username FROM users WHERE username='$username'");
$count = mysql_num_rows($namecheck);
if ($count!=0)
{
die ("Username is already taken!");
}
//check for existance
if ($name&&$email&&$phone&&$username&&$password&&$repeatpassword)
{
if ($password==$repeatpassword)
{
//check char length of name and username
if (strlen($name)>100||strlen($username)>100)
{
echo "Full Name or Username is too long. Maximum length for both is 100 characters.";
}
else
{
//check password length
if (strlen($password)<6)
{
echo "Password must be at least 6.";
}
else
{
//register the user
//encrypt password
$password = md5($password);
$repeatpassword = md5($repeatpassword);
$queryreg = mysql_query("
INSERT INTO users VALUES ('','$name','$email','$phone','$username','$password','$date')
");
die("Great! You've successfully been registered.<br><a href='http://www.website.ca/signin.php' target='_self'>Click here to sign in.</a>");
}
}
}
else
echo "Your passwords don't match!";
}
}
?>Code: Select all
<form action="register.php" method="POST">
<div id="nametitle"><span class="th18">Full Name:</span>
</div>
<div id="namefield"><input name="name" type="text" class="th17" id="name" tabindex="1" size="30" maxlength="100" value="<?php echo $name; ?>" />
</div>
<div id="nameexample"><span class="th20">Eg. Joe Smith</span>
</div>
<div id="emailtitle"><span class="th18">Email:</span>
</div>
<div id="emailfield"><input name="email" type="text" class="th17" id="email" tabindex="2" size="30" maxlength="150" value="<?php echo $email; ?>" />
</div>
<div id="emailexample"><span class="th20">Eg. joesmith@mail.com</span>
</div>
<div id="phonetitle"><span class="th18">Telephone:</span>
</div>
<div id="phonefield"><input name="phone" type="text" class="th17" id="phone" tabindex="3" size="30" maxlength="12" value="<?php echo $phone; ?>" />
</div>
<div id="phoneexample"><span class="th20">Eg. 434-222-2332</span>
</div>
<div id="usertitle"><span class="th18">Username:</span>
</div>
<div id="userfield"><input name="username" type="text" class="th17" id="username" tabindex="4" size="30" maxlength="100" value="<?php echo $username; ?>" />
</div>
<div id="checkusername"><a href="http://www.website.ca/checkname.php" target="_self" class="th5">Check Availability</a>
</div>
<div id="passtitle"><span class="th18">Password:</span>
</div>
<div id="passfield"><input name="password" type="password" class="th17" id="password" tabindex="5" size="30" maxlength="25">
</div>
<div id="passaccept1"><span class="th20">Must contain at least 6 characters.</span>
</div>
<div id="passtitle2"><span class="th18">Repeat Password:</span>
</div>
<div id="passfield2"><input name="repeatpassword" type="password" class="th17" id="repeatpassword" tabindex="6" size="30" maxlength="25">
</div>
<div id="passaccept2">
</div>
<div id="empty">
</div>
<div id="resetregisterbtn"><input name="submit" type="submit" class="th17" tabindex="7" onclick="MM_validateForm('name','','R','email','','RisEmail','phone','','R','username','','R','password','','R','repeatpassword','','R');return document.MM_returnValue" value="Register" /><input value="Reset" type="reset" name="reset" class="th17" tabindex="8" />
</div>
</form>Code: Select all
<form action="login.php" method="POST">
<div id="usertitle"><span class="th18">Username:</span>
</div>
<div id="userfield"><input name="username" type="text" class="th17" size="30" maxlength="100" tabindex="1">
</div>
<div id="passreset"><a href="http://www.website.ca/passwordreset.php" target="_self" class="th5">Reset Password</a>
</div>
<div id="passtitle"><span class="th18">Password:</span>
</div>
<div id="passfield"><input name="password" type="password" class="th17" size="30" maxlength="25" tabindex="2">
</div>
<div id="submitbtn"><input value="sign in" type="submit" class="th17" tabindex="3" />
</div>
</form>Code: Select all
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if ($username&&$password)
{
$connect = mysql_connect("localhost","r2d2","1234") or die("Couldn't Connect!");
mysql_select_db("phplogin") or die("Couldn't find database");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
// code to login
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
// check to see if they match!
if ($username==$dbusername&&md5($password)==$dbpassword)
{
echo "<span class='th21'>You've signed in successfully!</span> <a href='myaccount.php' class='th20'>Click here to continue to your account.</a>";
$_SESSION['username']=$username;
}
else
echo "<span class='th21'>Incorrect password!<a href='http://www.website.ca/signin.php'> Retry.</a></span>";
}
else
die("<span class='th21'>User doesn't exist.<a href='http://www.websiteca/register.php'> Register here.</a></span>");
}
else
die("<span class='th21'>You must be signed in to view your account.<a href='http://www.website.ca/signin.php'> Sign in here.</a></span>");
?>
Code: Select all
<?php
session_start();
if ($_SESSION['username'])
echo "Welcome, ".$_SESSION['username']."!<br><br><a href='logout.php' 'target='_self' class='th9'> → Sign Out</a>";
else
die("You must sign in to access your account.<br> <a href='http://www.website.ca/signin.php' target='_self' class='th20'>Click here to sign in.</a>");
?>
Code: Select all
<?php
session_start();
session_destroy();
echo "<span class='th21'>You've logged out successfully. Auto-redirecting you to the home page.</span>"
?>