**************************** config.php ***********************************
Code: Select all
<?php
$server = "localhost"; // server to connect to.
$database = "mydata"; // the name of the database.
$db_user = "root"; // mysql username to access the database with.
$db_pass = ""; // mysql password to access the database with.
$table = "users"; // the table that this script will set up and use.
?>
*************************** create.php *************************************
Code: Select all
<?php
include ("config.php");
// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());
// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());
// create table on database
$create = "create table $table (
id smallint(5) NOT NULL auto_increment,
username varchar(30) NOT NULL default '',
password varchar(32) NOT NULL default '',
PRIMARY KEY (id),
UNIQUE KEY username (username)
);";
mysql_query($create)
or die ("Could not create tables because ".mysql_error());
echo "Complete.";
?>
************** list.php ******************************
Code: Select all
<?php
include "config.php";
mysql_connect($server, $db_user, $db_pass) or die (mysql_error());
$result = mysql_db_query($database, "select * from $table order by id desc") or die (mysql_error());
if (mysql_num_rows($result)) {
echo "list of users:<ul>";
while ($qry = mysql_fetch_array($result)) {
echo "<li>$qry[username]</li>";
}
echo "</ul>end list of users.";
}
?>
****************** login.html *************************
Code: Select all
<html>
<head>
<title>User Registration</title>
</head>
<body>
<form action="login.php" method="post">
Username: <input type="text" name="username" size="20"><br>
Password: <input type="password" name="password" size="20"><br>
<input type="submit" value="Log In">
</form>
</body>
</html>
************** login.php ****************************
Code: Select all
<?php
ob_start();
include("config.php");
// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());
// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());
$match = "select id from $table where username = '".$_POST['username']."'
and password = '".$_POST['password']."';";
$qry = mysql_query($match)
or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry);
if ($num_rows <= 0) {
echo "Sorry, there is no username $username with the specified password.<br>";
echo "<a href=login.html>Try again</a>";
exit;
} else {
setcookie("loggedin", "TRUE", time()+(3600 * 24));
setcookie("mysite_username", "$username");
echo "You are now logged in!<br>";
echo "Continue to the <a href=members.php>members</a> section.";
}
ob_end_flush();
?>
**************************** logout.php ***********************************
Code: Select all
<?php
// expire cookie
setcookie ("loggedin", "", time() - 3600);
echo "You are now logged out.<br>";
echo "<a href=\"login.html\">Log in</a>";
?>
***************** members.php ***************************************
Code: Select all
<html>
<head>
<title>Members' Section</title>
</head>
<body>
<?php
if (!isset($_COOKIE['loggedin'])) die("You are not logged in!<br><a href=login.html>log in</a>");
$mysite_username = $HTTP_COOKIE_VARS["mysite_username"];
echo "you are logged in as $mysite_username.<p>";
?>
<a href="logout.php">Log out</a>
</body>
</html>
***************************** register.html ************************
Code: Select all
<html>
<head>
<title>User Registration</title>
</head>
<body>
<form action="register.php" method="post">
Pick a Username: <input type="text" name="username" size="20"><br>
Pick a Password: <input type="password" name="password" size="20"><br>
<input type="submit" value="Sign Up">
</form>
</body>
</html>
************************* register.php ***********************
Code: Select all
<?php
include("config.php");
// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());
// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());
// check if the username is taken
$check = "select id from $table where username = '".$_POST['username']."';";
$qry = mysql_query($check)
or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry);
if ($num_rows != 0) {
echo "Sorry, there the username $username is already taken.<br>";
echo "<a href=register.html>Try again</a>";
exit;
} else {
// insert the data
$insert = mysql_query("insert into $table values ('NULL', '".$_POST['username']."', '".$_POST['password']."')")
or die("Could not insert data because ".mysql_error());
// print a success message
echo "Your user account has been created!<br>";
echo "Now you can <a href=login.html>log in</a>";
}
?>