PHP Login System
Posted: Mon Mar 17, 2014 11:51 pm
Hello! I am a somewhat experienced HTML and CSS web developer who is delving into PHP and JavaScript for the first time. I am also an employee for a small business owner who is need of a simple PHP login system that will display some information for a select group of people. I would like to eventually take the time to learn PHP fully and properly, but I am a bit rushed as it is to produce an immediate result and would greatly appreciate any help offered.
I found a PHP basic membership login system already prebuilt at this tutorial: http://www.developphp.com/view.php?tid=762 For the most part, it suits my needs (I can connect to a database on HostMonster), but I need a few modifications.
Firstly, my boss does not want a system with a username and password login, but rather just a simple password only login. Yes, not very secure, but my boss has his reasons for it. My question is: What do I need to remove and/or add to make a simple password only login system?
This is the script from the index.php page:
This is the script from the login.php page:
Second, I need a way to prevent users from changing their account information with this login system. Can I just delete the links to the member account and member profile pages? And if I do, how do I tell the login system to take the user to a page where the user sees information from a MySQL table.
There are other things I may need to ask, but this is a start.
Thanks!
I found a PHP basic membership login system already prebuilt at this tutorial: http://www.developphp.com/view.php?tid=762 For the most part, it suits my needs (I can connect to a database on HostMonster), but I need a few modifications.
Firstly, my boss does not want a system with a username and password login, but rather just a simple password only login. Yes, not very secure, but my boss has his reasons for it. My question is: What do I need to remove and/or add to make a simple password only login system?
This is the script from the index.php page:
Code: Select all
<?php
session_start(); // Must start session first thing
/*
Created By Adam Khoury @ www.flashbuilding.com
-----------------------June 20, 2008-----------------------
*/
// See if they are a logged in member by checking Session data
$toplinks = "";
if (isset($_SESSION['id'])) {
// Put stored session variables into local php variable
$userid = $_SESSION['id'];
$username = $_SESSION['username'];
$toplinks = '<a href="member_profile.php?id=' . $userid . '">' . $username . '</a> •
<a href="member_account.php">Account</a> •
<a href="logout.php">Log Out</a>';
} else {
$toplinks = '<a href="join_form.php">Register</a> • <a href="login.php">Login</a>';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>My Homepage</title>
<style type="text/css">
<!--
body {margin: 0px}
-->
</style></head>
<body>
<table style="background-color: #CCC" width="100%" border="0" cellpadding="12">
<tr>
<td width="78%"><h1>My Website Logo</h1></td>
<td width="22%"><?php echo $toplinks; ?></td>
</tr>
</table>
<div style="padding:12px">
<h2>Welcome to the home page of my website.</h2>
<p>This is where we do a summary or showcase of content the site has to offer.</p>
</div>
</body>
</html>Code: Select all
<?php
/*
Created By Adam Khoury @ www.flashbuilding.com
-----------------------June 20, 2008-----------------------
*/
if ($_POST['email']) {
//Connect to the database through our include
include_once "connect_to_mysql.php";
$email = stripslashes($_POST['email']);
$email = strip_tags($email);
$email = mysql_real_escape_string($email);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
$password = md5($password);
// Make query and then register all database data that -
// cannot be changed by member into SESSION variables.
// Data that you want member to be able to change -
// should never be set into a SESSION variable.
$sql = mysql_query("SELECT * FROM members WHERE email='$email' AND password='$password' AND emailactivated='1'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
// Get member ID into a session variable
$id = $row["id"];
session_register('id');
$_SESSION['id'] = $id;
// Get member username into a session variable
$username = $row["username"];
session_register('username');
$_SESSION['username'] = $username;
// Update last_log_date field for this member now
mysql_query("UPDATE members SET lastlogin=now() WHERE id='$id'");
// Print success message here if all went well then exit the script
header("location: member_profile.php?id=$id");
exit();
} // close while
} else {
// Print login failure message to the user and link them back to your login page
print '<br /><br /><font color="#FF0000">No match in our records, try again </font><br />
<br /><a href="login.php">Click here</a> to go back to the login page.';
exit();
}
}// close if post
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login to your profile</title>
<script type="text/javascript">
<!-- Form Validation -->
function validate_form ( ) {
valid = true;
if ( document.logform.email.value == "" ) {
alert ( "Please enter your User Name" );
valid = false;
}
if ( document.logform.pass.value == "" ) {
alert ( "Please enter your password" );
valid = false;
}
return valid;
}
<!-- Form Validation -->
</script>
</head>
<body>
<div align="center">
<h3><br />
<br />
Log in to your account here<br />
<br />
</h3>
</div>
<table align="center" cellpadding="5">
<form action="login.php" method="post" enctype="multipart/form-data" name="logform" id="logform" onsubmit="return validate_form ( );">
<tr>
<td class="style7"><div align="right">Email Address:</div></td>
<td><input name="email" type="text" id="email" size="30" maxlength="64" /></td>
</tr>
<tr>
<td class="style7"><div align="right">Password:</div></td>
<td><input name="password" type="password" id="password" size="30" maxlength="24" /></td>
</tr>
<tr>
<td> </td>
<td><input name="Submit" type="submit" value="Login" /></td>
</tr>
</form>
</table>
</body>
</html>There are other things I may need to ask, but this is a start.
Thanks!