Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Regular Coder
    Join Date
    Jul 2002
    Location
    Earth
    Posts
    113
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Please Help Me With This Sign In Code

    PHP Code:
    <?php 
        
    // Login Routine and Logout Routine 
        // 
        // VARS: 
        // $user 
        // $password 
        // zcommon.php for std set of vars and message text 

        // Include common variables and message text 
        // include 'zcommon.php'; 
        // Normally these would come from an include file. Since this is 
        // an example, we'll just put them here: 
        // db login parameters 
        
    $dbhost "YOURHOSTHERE"
        
    $dbuser "YOURUSERHERE"
        
    $dbpassword "YOURPASSHERE"
        
    $db "YOURDBHERE"
        
    $sysadminemail "sjohnson@fuzzygroup.com"

        switch (
    $action) { 
            case 
    login
                
    process_login(); 
                die(); 
            case 
    logout
                
    //null out cookies at start of login routine 
                // note on using cookies. 
                // MUST BE SET before ANY http output. 
                // They TRAVEL in the http HEADER so have to go first. 
                
    setcookie ("ck_username"""); 
                
    setcookie("ck_password"""); 
                
    setcookie("ck_user_id"""); 
                die(); 
        } 

        function 
    process_login() { 
            global 
    $dbhost
            global 
    $dbuser
            global 
    $dbpassword
            global 
    $db

            
    // define homepage and text variables 
            
    global $homepage
            global 
    $homedir
            global 
    $sysadminemail
            global 
    $userstable

            
    //form vars 
            
    global $username
            global 
    $password

            
    // Connecting, selecting database 
            
    $link mysql_connect("$dbhost""$dbuser""$dbpassword"
                or die(
    "Could not connect"); 

            
    mysql_select_db("$db"
                or die(
    "Could not select database"); 

            
    //Check that the user exists in the db and if not, create an 
            // error page 
            
    $query "SELECT user_id FROM imsaver_users WHERE " 
            
    "username='$username'"
            
    $result mysql_query($query
                or die(
    "Query failed at userid retrieval stage."); 

            
    //Logic concept: if the user_id doesn't exist, an empty string 
            // or "" will be returned with the $user_id call below. 
            // We can test this to see if the user has entered the username 
            // correctly 
            
    $num_rows mysql_num_rows($result); 
            
    $row mysql_fetch_array($result); 
            
    $user_id $row[0]; 

            
    //very important for user friendliness -- tell them 
            // what the login error was -- incorrect 
            // username or incorrect password 
            // first test -- did the username exist 
            
    if ($user_id == "") { 
                print 
    "<HTML>"
                print 
    "<HEAD>"
                print 
    "<TITLE>"
                print 
    "Incorrect username"
                print 
    "</TITLE>"
                print 
    "<BODY>"
                print 
    "<CENTER>"
                print 
    "<B><CENTER>We're sorry but the username that you"
                print 
    "entered doesn't seem to exist in our database.<BR>"
                print 
    "Perhaps you entered it in error. Press the back button "
                print 
    "to try again."
            } 
            else { 
                
    //this means that there was 1 result from the query so that 
                // username exists in the database 

                //now have to verify password. Basically same code. 

                
    $query "SELECT password " 
                
    " FROM imsaver_users " 
                
    " WHERE username='$username'"

                
    $result mysql_query($query
                    or die(
    "Query failed at userid retrieval stage."); 

                
    //Encrypt the password the user entered since our 
                // database stores it in encrypted fashion and we need to 
                // compare it this way 
                 
    $encryptedpassword md5($password); 

                 
    $row mysql_fetch_array($result); 

                
    //grab the password from the row array, 0th element 
                // since only 1 column selected 
                // have to use a variable $passwordfromdb so we don't 
                // overwrite our $password variable from the form var 
                
    $passwordfromdb $row[0]; 

                if (
    $encryptedpassword == $passwordfromdb) { 
                    
    //set our cookies for our future security checks 
                     
    setcookie ("ck_username"$username); 
                     
    setcookie("ck_password"$password); 
                     
    setcookie("ck_user_id"$user_id); 

                    
    // Create our results page showing them they are logged in 
                     
    print "<HTML>"
                     print 
    "<HEAD>"
                     print 
    "<TITLE>"
                     print 
    "You're Logged In!"
                     print 
    "</TITLE>"
                     print 
    "<BODY>"
                     print 
    "You're Logged In"
                    
    //This needs to have a link added of course 
                    //If you wanted to automatically take them to the main screen 
                    // then use the header function to redirect them 
                     
    print "Click Here to Continue"
                     print 
    "</BODY>"
                     print 
    "</HTML>"

                    
    //close the database 
                    // Closing connection 
                    
    mysql_close($link); 
                } 
                else { 
                    
    //passwords didn't match so make an error page 
                    
    print "<HTML>"
                    print 
    "<HEAD>"
                    print 
    "<TITLE>"
                    print 
    "Incorrect password"
                    print 
    "</TITLE>"
                    print 
    "<BODY>"
                    print 
    "<CENTER>"
                    print 
    "<B><CENTER>We're sorry but the password that you entered"
                    print 
    "doesn't match with the one in our database.<BR>"
                    print 
    "Press the back button to try again."
                    print 
    "</CENTER>"
                    print 
    "</BODY>"
                    print 
    "</HTML>"

                    
    // Closing connection 
                     
    mysql_close($link); 
                } 
            } 
        } 

    ?>
    PLEASE HELP ME WITH THIS CODE. each time i try to use it, firstly, it doesn't mask the user name and id, and secondly, it gives me a blank page. this is the form i'm suppose to use with it.


    <form name=registration action="logme.php" method="get">
    Username:
    <input name="username" type="text" width="10"><BR>
    Password:
    <input name="password" type="password" width="10"><BR>
    <INPUT TYPE=SUBMIT VALUE="Log In">
    </form>
    Life is funny, especially when you're poor.

  • #2
    Regular Coder
    Join Date
    Jul 2002
    Location
    Earth
    Posts
    113
    Thanks
    0
    Thanked 0 Times in 0 Posts
    this is the sign up code. some things like 'user id' and stuff doesn't seem to match at all.


    PHP Code:
    <? 
        
    // User Sign Up PHP Script 
        // 
        // This script validates information, saves it to the database 
        // displays it to them 
        // and sends it to them via email 
        // 
        // vars: 
        // $signupusername 
        // $signuppassword 
        // $signuppasswordverify 
        // $signupemailaddress 
        // 
        // Note have to use signup* vars initially to make it 
        // clear to ourselves that 
        // we're dealing with signupotherwise 

        // Include common variables and message text 
        // include 'zcommon.php'; 
        // Normally these would come from an include file. Since this is 
        // an example, we'll just put them here: 
        // db login parameters 

        
    $dbhost "YOURHOSTHERE"
        
    $dbuser "YOURUSERHERE"
        
    $dbpassword "YOURPASSHERE"
        
    $db "YOURDBHERE"
        
    $sysadminemail "sjohnson@fuzzygroup.com";  


        
    // null out cookies if new user 
        // null out cookies at start of sign in routine 
        // all cookies begin with "ck_" to indicate that they are a cookie 
        // helps troubleshoot mysterious cookie errors 
        // note on using cookies. 
        // MUST BE SET before ANY http output. 
        // They TRAVEL in the http HEADER so have to go first. 
        
    setcookie ("ck_user"""); 
        
    setcookie ("ck_password"""); 
        
    setcookie ("ck_user_id"""); 

        
    // 0th check that passwords match 
        
    if($signuppassword!=$signuppasswordverify) { 
            
    create_error_page_passwordsnotmatch(); 
        } 
        else { 
            
    // their passwords match so enter next validation stage 
            // first test that their username isn't already in use 

            // Connecting, selecting database 
            
    $link mysql_connect("$dbhost""$dbuser""$dbpassword"
                or die(
    "Could not connect"); 
            
    // select the database 
            
    mysql_select_db("$db"
                or die(
    "Could not select database"); 
            
    // try and select the username that the user entered to see if 
            // it is already in the db 
            
    $query "SELECT username " 
            
    " FROM users " 
            
    " WHERE username='$signupusername'"

            
    $result mysql_query($query
                or die(
    "Query failed at username unique testing stage."); 

            
    // logic -- if the num_rows is 1 then the username is already 
            // in use and they have to choose another 
            
    $num_rows mysql_num_rows($result); 
            
    // don't need to get it -- its the same as what we already have 

            // num_rows can't ever be >= to 1 since unique constraint 
            // on the column of data 
            
    if ($num_rows == 1) { 
                
    create_error_page_usernameinuse(); 
            } 
            else { 
                
    // NOTE -- Depending on how you want to define 
                // a valid password (5 chars, 6 chars 
                // plus a number, etc), that would go here 

                //Capture the ipaddress and call MD5 
                
    $ipaddress getenv ("REMOTE_ADDR"); 
                
    $encryptedpassword md5($signuppassword); 

                
    //try and add them to the database 
                
    $query "INSERT INTO users " 
                
    " ( username, password, date, ipaddress ) " 
                
    " VALUES ('$signupusername','$encryptedpassword', " 
                
    " NOW(), '$ipaddress')"

                
    //execute the query 
                
    $result mysql_query($query
                or die(
    "Query failed at user insertion stage."); 

                
    //now query the db back for the user_id variable 
                
    $query "SELECT user_id " 
                
    " FROM users " 
                
    " WHERE username='$signupusername'"

                
    // get the result 
                
    $result mysql_query($query
                or die(
    "Query failed at userid retrieval stage."); 

                
    //get the user_id from the result 
                
    $num_rows mysql_num_rows($result); 
                
    $row mysql_fetch_array($result); 
                
    $user_id $row[0]; 

                
    // send the cookies now. MUST BE FIRST THING OUTPUT 
                
    setcookie ("ck_username""$signupusername"); 
                
    setcookie ("ck_password""$signuppassword"); 
                
    setcookie ("ck_user_id""$user_id"); 

                
    //Define the $title variable for the page title 
                
    $title "Thanks for Signing Up!"

                
    //Set up the page header 
                
    PrintPageHeader("$title"); 

                
    //Print out the body of the page 
                // Note that some basic html formatting is used 
                // here to make it look better 

                
    print "<TABLE WIDTH=728 BGCOLOR=WHITE><TR><TD>"
                print 
    "<H1>Thank You...</H1>"
                print 
    "<HR>"
                print 
    "<CENTER>Thanks for playing! "
                print 
    "Seriously, we appreciate your signing"
                print 
    "up.</CENTER><BR><BR>"
                print 
    "Here is the information that you entered:"
                print 
    "<UL>"
                print 
    "<LI>Username: $signupusername</LI>"
                print 
    "<LI>Password: $signuppassword</LI>"
                print 
    "<LI>Email Address: $emailaddress</LI>"
                print 
    "</UL>"
                print 
    "<BR>We have also emailed this to the email "
                print 
    "address you gave us.<BR>"
                print 
    "</TD>"
                print 
    "</TR>"
                print 
    "<TABLE>"

                
    //Usually you want to add a link to your 
                // application's home page here. 
                // Left as an exercise for the reader. 

                //handle sending out the email if we got an email address! 
                
    if ($emailaddress != "") { 
                    
    // compose the email 
                    
    $to $emailaddress
                    
    $subject "Your IMSaver Account"
                    
    $message "Hi there, " 
                    
    "Your account has been created and is ready for use." 
                    
    "" 
                    
    "" 
                    
    "Your username is: $signupusername" 
                    
    "Your password is: $signuppassword" 
                    
    "" 
                    
    "Thanks for signing up for YOURNAMEHERE." 
                    
    "http://YOURURLHERE/" 
                    
    "" 
                    
    "YOURNAMEHERE"
                    
    // send the email 
                    
    mail($to$subject$message"From: [email]YOU@YOU.COM[/email]""YOU@YOU.COM"); 
                } 

                
    //Set up the footer of the page 
                
    PrintPageFooter(""); 
            } 
        } 

        
    // start of functions 

        
    function PrintPageHeader ($title) { 
            print 
    "<HTML>"
            print 
    "<HEAD>"
            print 
    "<TITLE>"
            print 
    "$title"
            print 
    "</TITLE>"
            print 
    "</HEAD>"
            print 
    "<BODY>"
        } 

        function 
    PrintPageFooter ($title) { 
            print 
    "</BODY>"
            print 
    "</HTML>"
        } 


        function 
    create_error_page_passwordsnotmatch() { 
            
    //Define the $title variable for the page title 
            
    $title "We're Sorry But You're Passwords Don't Match!"

            
    //Set up the page header 
            
    PrintPageHeader("$title"); 

            print 
    "<TABLE WIDTH=728 BGCOLOR=WHITE><TR><TD>"
            print 
    "<H1>We're Sorry...</H1>"
            print 
    "<HR>"
            print 
    "<BR>"
            print 
    "We're sorry but You didn't enter matching passwords. "
            print 
    "&nbsp;Please make sure that you enter your password "
            print 
    "in the Password field and the Verify Password fields "
            print 
    "and that both are the same.<BR><BR>"
            print 
    "Please press the back button and make sure that the "
            print 
    "passwords match."

            
    // close container table 
            
    print "</TD></TR></TABLE>"

            
    //Set up the footer of the page 
            
    PrintPageFooter(""); 
        } 


        function 
    create_error_page_usernameinuse() { 
            
    //Define the $title variable for the page title 
            
    $title "We're Sorry But that Username is Already in Use..."

            
    //Set up the page header 
            
    PrintPageHeader("$title"); 

            print 
    "<TABLE WIDTH=728 BGCOLOR=WHITE><TR><TD>"

            print 
    "<H1>We're Sorry...</H1>"
            print 
    "<HR>"
            print 
    "<BR>You entered a Username that another person is using"
            print 
    "<BR>Press Back to try again."
            
    // close container table 
            
    print "</TD></TR></TABLE>"

            
    //Set up the footer of the page 
            
    PrintPageFooter(""); 
        } 

    ?>
    Life is funny, especially when you're poor.

  • #3
    Regular Coder
    Join Date
    Jul 2002
    Location
    Earth
    Posts
    113
    Thanks
    0
    Thanked 0 Times in 0 Posts
    this is the table


    create table users (
    user_id INT NOT NULL PRIMARY KEY AUTO_INCREMENT,
    username CHAR(30) NOT NULL UNIQUE,
    password CHAR(40) NOT NULL,
    email char(75),
    hintquestion CHAR(50),
    hintanswer CHAR(50),
    date DATETIME
    Life is funny, especially when you're poor.

  • #4
    New to the CF scene
    Join Date
    Jul 2002
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    is that a script from a tutorial site? if so, where?

  • #5
    Regular Coder
    Join Date
    Jul 2002
    Location
    Earth
    Posts
    113
    Thanks
    0
    Thanked 0 Times in 0 Posts
    http://www.phpbeginner.com/columns/s...thentication/1


    i got the sign up to work. seems it was missing a field, but i need a code that checks to make sure that all pages that are 'member' pages, have been logged in.
    Life is funny, especially when you're poor.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •