Code: Select all
<?php
$var = var
?>Along with that, I would like to add password encryption to my login and register script but I have no clue how to do it with the way I wrote the scripts.
Here is the register script:
Code: Select all
<?php
//include files
include('db.inc.php');
//check for post submission
if (isSet($_POST['submit'])) {
//check that both fields have something in them
if (empty($_POST['username']) || empty($_POST['password1']) || empty($_POST['password2']) || empty($_POST['firstname']) || empty($_POST['lastname']) || empty($_POST['email'])) {
echo "<head><meta http-equiv=refresh content="2;
URL=register.php"></head><b>You did not fill in all fields!</b><BR>Please wait. You will be redirected in two seconds.";
exit;
}
if (($_POST['password1']) != ($_POST['password2'])) {
echo "<head><meta http-equiv=refresh content="2;
URL=register.php"></head><b>Your passwords do not match!</b><BR>Please wait. You will be redirected in two seconds.";
exit;
}
//mysql query
$query = "SELECT * FROM users WHERE username ='{$_POST['username']}'";
$result = mysql_query($query) or die(mysql_error());
//check for username already in database
if (mysql_num_rows($result) == "0" || mysql_num_rows($result) > 1) {
//submit information
$query = "INSERT INTO users VALUES ('', '{$_POST['username']}', '{$_POST['password1']}', '{$_POST['firstname']}', '{$_POST['lastname']}', '{$_POST['email']}', '00-00-0000', '00-00-0000', '1', '1', '1', '1', '1')";
$result = mysql_query($query) or die(mysql_error());
//display confirmation and redirect
echo "<head><meta http-equiv=refresh content="2;
URL=index.php"></head><b>Registration Successful!</b><BR>Please wait. You will be redirected in two seconds.";
} else {
echo "<head><meta http-equiv=refresh content="2;
URL=register.php"></head><b>Username Already Taken!</b><BR>Please wait. You will be redirected in two seconds.";
exit;
}
} else {
//print login forum
echo <<< FORM
<style type="text/css"> .style9 {font-family: Verdana; font-size: 10px; color: #333333; } </style>
<form action="{$_SERVER['PHP_SELF']}" method="post">
<table align="center" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><span class="style9">Desired Username:</span></td>
<td><input type="text" name="username" maxlength="40"></td>
</tr>
<tr>
<td><span class="style9">Password:</span></td>
<td><input type="password" name="password1" maxlength="40"></td>
</tr>
<tr>
<td><span class="style9">Confirm Password:</span></td>
<td><input type="password" name="password2" maxlength="40"></td>
</tr>
<tr>
<td><span class="style9">First Name:</span></td>
<td><input type="test" name="firstname" maxlength="50"></td>
</tr>
<tr>
<td><span class="style9">Last Name:</span></td>
<td><input type="test" name="lastname" maxlength="50"></td>
</tr>
<tr>
<td><span class="style9">E-mail Address:</span></td>
<td><input type="test" name="email" maxlength="50"></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="Register">
<input type="hidden" name="submit" value="submitted" /></td>
</tr>
</table>
</form>
FORM;
?>Code: Select all
<?php
//include files
include('db.inc.php');
//check for post submission
if(isSet($_POST['submit'])) {
//check that both fields have something in them
if(empty($_POST['username']) || empty($_POST['password'])) {
echo "<head><meta http-equiv=refresh content="2;
URL=index.php"></head><b>Login Invalid</b><BR>Please wait. You will be redirected in two seconds.";
exit;
}
//mysql query
$query = "SELECT * FROM users WHERE username ='{$_POST['username']}' AND password = '{$_POST['password']}'";
$result = mysql_query($query) or die(mysql_error());
//check for results
if(mysql_num_rows($result) == "0" || mysql_num_rows($result) > 1) {
echo "<head><meta http-equiv=refresh content="2;
URL=index.php"></head><b>Login Invalid</b><BR>Please wait. You will be redirected in two seconds.";
//define session variables
} else {
$row = mysql_fetch_row($result);
$_SESSION['auth'] = "1";
$_SESSION['id'] = $row['0'];
$_SESSION['username'] = $row['1'];
$_SESSION['password'] = $row['2'];
$_SESSION['firstname'] = $row['3'];
$_SESSION['lastname'] = $row['4'];
$_SESSION['email'] = $row['5'];
$_SESSION['dateofbirth'] = $row['6'];
$_SESSION['datecreated'] = $row['7'];
$_SESSION['userlevel'] = $row['8'];
$_SESSION['pref_backcolor'] = $row['9'];
$_SESSION['pref_top'] = $row['10'];
$_SESSION['pref_middle'] = $row['11'];
$_SESSION['pref_bottom'] = $row['12'];
echo "<head><meta http-equiv=refresh content="2;
URL=index1.php"></head><b>Login Successful!</b><BR>Please wait. You will be redirected in two seconds.";
}
} else {
//print login forum
echo <<< FORM
<style type="text/css">
<!--
.style9 {font-family: Verdana; font-size: 10px; color: #333333; }
-->
</style>
<form action="{$_SERVER['PHP_SELF']}" method="post">
<table align="center" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><span class="style9">Username:</span></td>
<td><input type="text" name="username" maxlength="40"></td>
</tr>
<tr>
<td><span class="style9">Password:</span></td>
<td><input type="password" name="password" maxlength="50"></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="Signin">
<input type="hidden" name="submit" value="submitted" /></td>
</tr>
</table>
</form>
FORM;
?>