PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
designedfree4u
Forum Newbie
Posts: 6 Joined: Wed Mar 19, 2008 3:15 pm
Post
by designedfree4u » Wed Mar 19, 2008 3:23 pm
Here's what i have so far, all it does is display jonny 4, but i want it to get the users name from the form and display it as "welcome 'username' on account.php page when the user logs in.
login.php
Code: Select all
<?php
session_start();
$username = 'jonny4';
setcookie('username', $username);
$user_area_location = 'account.php'; // Location of the user area
// Connect to MySQL database:
$username="";
$password="";
$database="";
mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$error = array();
if($_GET['action']) {
switch($_GET['action']) {
case 'logoff':
unset($_SESSION['loggedIn']);
array_push($error, 'You were logged off.');
break;
}
}
if(!$error) {
if(empty($_POST['username'])) { array_push($error, 'You didn\'t supply a username'); }
if(empty($_POST['password'])) { array_push($error, 'You didn\'t supply a password'); }
}
if(!$error){
$result = @mysql_query('SELECT name, email FROM `users` WHERE username = \''.mysql_real_escape_string($_POST['username']).'\' AND password = \''.mysql_real_escape_string(md5($_POST['password'])).'\'');
if($row = @mysql_fetch_row($result)) {
$_SESSION['loggedIn'] = true;
header('Location: '.$user_area_location);
die('<a href="'.$user_area_location.'">Go to your user account</a>');
}else{
array_push($error, 'The credentials you provided were not correct');
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
</head>
<body>
<table width="284" height="162" border="0" cellpadding="0" cellspacing="2">
<form method="post" action="login.php">
<?php if(isset($error) && $error) { ?>
<tr>
<td colspan="2"> <ul>
<?php foreach($error as $key => $value) echo '<li>'.$value.'</li>'; ?>
</ul></td>
</tr>
<?php } ?>
<tr>
<td>Username:</td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit" value="Login!" /></td>
</tr>
<tr>
<td colspan="2">Not a User? <a href="register.php">Register Here</a></td>
</tr>
</form>
</table>
</body>
</html>
This displays the username on the account.php page
Thanks for the help in advance.
I know proboubly the better way in doing this is to do through sessions but i'm just not php savy enough "yet". Maybe point me in the right direction?
www.WeAnswer.IT
Forum Newbie
Posts: 24 Joined: Wed Mar 19, 2008 6:33 pm
Post
by www.WeAnswer.IT » Wed Mar 19, 2008 7:12 pm
Your code had some very basic errors in it. My recommendation to you before going any further is to read some basic PHP tutorials. It's hard to learn a programming language without knowing the basics.
Here are some basic tutorials:
http://us3.php.net/tut.php
http://www.w3schools.com/php/default.asp
Here is your code. I tried to fix it up for you, although it's not perfect. Let me know if you have any problems with it.
Code: Select all
<?php
session_start();
if(isset($_REQUEST['submit']))
{
$username = $_POST['username'];
$password = md5($_POST['password']);
setcookie('username', $username);
// Location of the user area
$user_area_location = 'account.php';
// Connect to MySQL database:
$username="";
$password="";
$database="";
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$error = array();
if(isset($_GET['action']))
{
switch($_GET['action'])
{
case 'logoff':
session_destroy();
array_push($error, 'You were logged off.');
break;
}
}
if(count($error) == 0)
{
if(empty($_POST['username']))
{
array_push($error, 'You didn\'t supply a username');
}
if(empty($_POST['password']))
{
array_push($error, 'You didn\'t supply a password');
}
$result = @mysql_query('SELECT name FROM `users` WHERE username = \''.mysql_real_escape_string($username).'\' AND password = \''.
$password.'\'');
if(mysql_num_rows($result) > 0)
{
$_SESSION['loggedIn'] = true;
header('Location: '.$user_area_location);
exit; // stops the script from running after redirect
}
else
{
array_push($error, 'The credentials you provided were not correct');
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
</head>
<body>
<table width="284" height="162" border="0" cellpadding="0" cellspacing="2">
<form method="post" action="login.php">
<?php if((isset($error)) && (count($error) > 0)): ?>
<tr>
<td colspan="2"> <ul>
<?php foreach($error as $message) { echo '<li>'.$message.'</li>'; } ?>
</ul></td>
</tr>
<?php endif; ?>
<tr>
<td>Username:</td>
<td><input type="text" name="username" value="<?= isset($_REQUEST['username']) ? $_REQUEST['username'] : '' ?>" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit" value="Login!" /></td>
</tr>
<tr>
<td colspan="2">Not a User? <a href="register.php">Register Here</a></td>
</tr>
</form>
</table>
</body>
</html>
And on your account.php page:
Code: Select all
<html>
... whatever ...
<body>
<?php
session_start();
if(!isset($_COOKIE['username']) || !isset($_SESSION['loggedIn']))
{
// the user is not logged in
header("Location: login.php");
exit;
}
// Connect to MySQL database:
$username="";
$password="";
$database="";
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = sprintf("SELECT * FROM `users` WHERE username = '%s' LIMIT 1",
mysql_real_escape_string($_COOKIE['username'])));
$result = mysql_query($query);
if(mysql_numrows($result) < 1)
{
// the username doesn't exist, error!
header("Location: login.php");
exit;
}
$accountData = mysql_fetch_assoc($result);
?>
<span>Your username is <?= $accountData['username'] ?> and your e-mail is <?= $accountData['email'] ?> and your name is <?= $accountData['email'] ?></span>
</body>
</html>
designedfree4u
Forum Newbie
Posts: 6 Joined: Wed Mar 19, 2008 3:15 pm
Post
by designedfree4u » Fri Mar 21, 2008 9:57 am
I'm trying to do tutorials and i also bought the dummies sql book. Thanks for your help.
I got this error i made sure there was a ; but thats not the problem. your first page on your reply post is login.php
Parse error: syntax error, unexpected T_STRING in /home/jaybirdf/public_html/login.php on line 39
designedfree4u
Forum Newbie
Posts: 6 Joined: Wed Mar 19, 2008 3:15 pm
Post
by designedfree4u » Fri Mar 21, 2008 2:35 pm
ya getting all kinds of errors with that solution
www.WeAnswer.IT
Forum Newbie
Posts: 24 Joined: Wed Mar 19, 2008 6:33 pm
Post
by www.WeAnswer.IT » Sun Mar 23, 2008 4:23 pm
Change array_push($error, 'You didn't supply a username'); to array_push($error, 'You didn\'t supply a username'); to fix the first error you described. Sorry for taking so long to respond, I wasn't getting phpdn e-mails.