Login system, lets try and modify
Posted: Sun Oct 19, 2008 6:50 am
I tried to make login system so here it is, try it and help to improve it.
Sql database table
Add at page top, what you want protect.
Login.php
config.php
testlog.php
Sql database table
Code: Select all
CREATE TABLE `andmed`.`login` (
`id` INT NOT NULL AUTO_INCREMENT ,
`username` VARCHAR( 62 ) NOT NULL ,
`password` VARCHAR( 33 ) NOT NULL ,
`time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
PRIMARY KEY ( `id` )
) ENGINE = InnoDB
Code: Select all
require_once('Login.php');
$login = Login::getInstance();
if ($login->isLogged()) {
echo 'You are in';
}
Code: Select all
<?php
session_start();
require_once('config.php');
class Login {
private $sql;
private static $instance = null;
protected function __construct() {
$this->sql = new mysqli(Config::HOST, Config::USER, Config::PASS, Config::DB);
if (mysqli_connect_error()) {
exit('Error with db connection');
}
}
public static function getInstance() {
if (self::$instance == null) {
$c = __CLASS__;
self::$instance = new $c;
}
return self::$instance;
}
public function isLogged() {
if (isset($_SESSION['user']) && isset($_SESSION['pass'])) {
$stmt = $this->sql->prepare("SELECT `id` , `username` , `password`
FROM `login`
WHERE (
`username` = ?
AND
`password` = ?)");
$stmt->bind_param('ss', $_SESSION['user'], $_SESSION['pass']);
$stmt->execute();
$stmt->store_result();
return ($stmt->num_rows == 1) ? true : false;
} else {
return false;
}
}
public function login($username, $password) {
if (strlen($username) > 3 && strlen($password) > 3) {
$stmt = $this->sql->prepare("SELECT `id` , `username` , `password`
FROM `login`
WHERE (
`username` = ?
AND
`password` = ?)");
$stmt->bind_param('ss', $username, md5($password + Config::SALT));
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows == 1) {
$_SESSION['user'] = $username;
$_SESSION['pass'] = md5($password + Config::SALT);
return true;
} else {
return false;
}
} else {
return false;
}
}
public function logout() {
unset($_SESSION['user']);
unset($_SESSION['pass']);
session_destroy();
}
public function __destruct() {
$this->sql->close();
}
}
?>
Code: Select all
<?php
class Config {
const HOST = 'localhost';
const USER = 'root';
const PASS = '';
const DB = 'andmed';
const SALT = 'ThisWillBeSalt';
}
?>
Code: Select all
<?php
require_once('Login.php');
$login = Login::getInstance();
if (isset($_POST['login'])) {
if ($login->login($_POST['user'], $_POST['pass'])) {
header('Location: mysqli_prep.php');
} else {
echo '<p>Problem with login</p>';
}
}
?>
Login test
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>User: <input type="text" name="user" value="" /></p>
<p>Pass: <input type="password" name="pass" value="" /></p>
<p> <input type="submit" name="login" value="Log in" /></p>
</form>