PHP
Login System
Rate This Article
Tutorial8 Rating: 5.0/5 (2 votes cast)
Creating a login script
for your site can make it look very professional. Our script is
very simple and easy to implement. There are very few requirements
in order to make it work, first is to have a PHP enabled server.
Usually if your server is Linux based you can run PHP, check with
your hosting company. Second you will need a database, for our
example we will use a MySQL database, which again usually comes
with a Linux based server. Our tutorial will track users with
cookies.
Database
First we need to create the database to store users. Since this
is a very simple login script we will only be using the username
and password fields, but you can create as many as you wish. Below
is the SQL statement you will need to run in your SQL query.
CREATE TABLE users (ID MEDIUMINT NOT NULL AUTO_INCREMENT
PRIMARY KEY, username VARCHAR(60), password VARCHAR(60))
That statement creates a database table called users with 3 fields:
password, username, and ID. The ID field is not used by you, but
keeps a unique count within the database and can be used with
a more advanced tutorial to pull information from the database
easily.
Before we begin here is neat code that will
allow you to run php in a .html or .htm page:
This goes in your .htaccess text file. If you do not know what
that is ask you hosting provider.
AddHandler application/x-httpd-php52 .php .htm
.html
Registration Page(added.php)
<?php
// Connects to your Database
mysql_connect("your.hostaddress.com", "username",
"password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());
//This code runs if the form has been submitted
if (isset($_POST['submit'])) {
//This makes sure they did not leave any fields
blank
if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] )
{
die('You did not complete all of the required fields');
}
// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username
= '$usercheck'")
or die(mysql_error());
$check2 = mysql_num_rows($check);
//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in
use.');
}
// this makes sure both passwords entered match
if ($_POST['pass'] != $_POST['pass2']) {
die('Your passwords did not match. ');
}
// here we encrypt the password and add slashes
if needed
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
}
// now we insert it into the database
$insert = "INSERT INTO users (username, password)
VALUES ('".$_POST['username']."', '".$_POST['pass']."')";
$add_member = mysql_query($insert);
?>
<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>
?php
}
else
{
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>"
method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit"
name="submit" value="Register"></th></tr>
</table>
</form>
<?php
}
?>
The code above first checks to see if a form was
submitted, if so it checks to make sure all data is valid (passwords
are the same, and username is not already taken). If everything
checks out it adds the user to the database, if not then it displays
the appropriate error.
If the form has not been submitted, they only see a blank form ready
to be filled with information.
Continued on Part 2
|
