Login Page help?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
dave_55
Forum Newbie
Posts: 19
Joined: Mon Mar 31, 2008 8:33 am

Login Page help?

Post by dave_55 »

Hi I have already created this simple login page that works. Can anyone help me, i would like the user to be able to register themselfs a USERNAME AND PASSWORD so that the admin wont have to input their details into a database????

How is this done and can anyone show me please??

My code already is:

checklogin.php

<?php
$host = "localhost"; //login to the server
$username = "Dave"; //username login
$password = "*****"; //password login
$db_name = "logintest"; //database name change to lincoln
$tbl_name = "members"; //members tabel

$db = mysql_pconnect($host, $username, $password) or trigger_error(mysql_error(),E_USER_ERROR);
// Check user inputs against database.

$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];
session_start();

mysql_select_db($db_name, $db);
$query_check = sprintf("SELECT * FROM $tbl_name WHERE username = '$myusername'");
$check = mysql_query($query_check) or die(mysql_error());
$row_check = mysql_fetch_assoc($check);
$totalRows_check = mysql_num_rows($check);

// If the passwords match.
if($mypassword == $row_check['password'])

{
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}

else {
echo "Wrong Username or Password";
}
?>

login_success.php
<?
session_start();
if (!session_is_registered(myusername)) {
header ("location:login.php");
}
?>

<html>
<head><title>welcome</title>
</head>
<body>
<h1>Login Successsful</h1>

<p>
<a href="logout.php">Log Out!</a></p>

</body>
</html>

logout.php
<?
session_start();
session_destroy();
?>

<html>
<head><title>Thanks</title>
</head>
<body>
<h1>You've Logged Out</h1>


</body>
</html>

login.php
<head>

<title>login page</title>

<style type = "text/css">
#loginform {
border 2px solid #600;
background-colour: #FFC;
width: 280px
}

forms {
margins: 5px;
}

label {
display: block;
width: 90px;
float: left;
clear: both;
}

label, input {
margin-bottom: 4px;
}

</style>
</head>
<body>

<div id ="loginform">
<form method="post" action="checklogin.php" name="form1">
<label for = "username">Username:</label>
<input type="text" name="myusername" id="username" />
<label for = "password">Password:</label>
<input type="text" name="mypassword" id="password" />
<input type="submit" name="submit" value="Login" />



</div>


</body>
</html>
User avatar
aceconcepts
DevNet Resident
Posts: 1424
Joined: Mon Feb 06, 2006 11:26 am
Location: London

Re: Login Page help?

Post by aceconcepts »

Without using a database you will never actually store their details.

If this is the case then you could use encoded SESSIONS.
dave_55
Forum Newbie
Posts: 19
Joined: Mon Mar 31, 2008 8:33 am

Re: Login Page help?

Post by dave_55 »

Hey again,

No I dont mind using a database as i already have one for the login, i just didnt want a administrator to have to input the info by hand.

So next to the login button there would be a registration page instead. Is there any tutorials i can look at for this???
User avatar
aceconcepts
DevNet Resident
Posts: 1424
Joined: Mon Feb 06, 2006 11:26 am
Location: London

Re: Login Page help?

Post by aceconcepts »

This is a good site for beginners and reference: http://www.tizag.com/

Have you ever created html forms before?
thaynejo
Forum Newbie
Posts: 14
Joined: Tue Apr 01, 2008 9:06 am

Re: Login Page help?

Post by thaynejo »

I recently set up a registration page for a site I worked on. I recommend using code similar to the following when storing the data in the database:

Code: Select all

 
$salt = "f34Afag4fAASDF";  \\ Random character string (put into a config.php file that is included on every page)
$query = "INSERT INTO table (username, password) VALUES (" . $_POST['username'] . ", " . md5($salt . $_POST['password']) . ")";
mysql_query($sql);
 
Then you just need to create a form that will collect the information you need from the user and POST it to a page with the above code. Then when verifying the login, you need to make the following change as well:

Code: Select all

// If the passwords match.
if(md5($salt . $mypassword) == $row_check['password'])
And do that every time you verify the password.

I also recommend that the variables for the database connection be stored in the config.php file mentioned earlier. That way if they change for whatever reason, you do not have to search through every page to make the change.
User avatar
aceconcepts
DevNet Resident
Posts: 1424
Joined: Mon Feb 06, 2006 11:26 am
Location: London

Re: Login Page help?

Post by aceconcepts »

Do remember that you cannot decode MD5 - it is a one-way encryption method!
AMCH
Forum Commoner
Posts: 31
Joined: Sun Mar 30, 2008 4:39 pm

Re: Login Page help?

Post by AMCH »

On a side-note to encryption, I tend to use the password variable as the salt as well which means it's different for everyone (assuming their passwords are different). It basically takes what they enter as their password and encrypts it using itself as the salt.

Example:

Code: Select all

$encrypted_password = crypt($password, $password);
Post Reply