How To Make A Complete Login System In Easy Steps
A Tutorial On Creating Entire Login System Along With User Profiles Quick and Easy Using Php And Mysql.
First, let’s make register.php:
CODE
<?
include(”conn.php”); // create a file with all the database connections
if($do_register){ // if the submit button were clicked
if((!$name) || (!$email) || (!$age) || (!$login) || (!$password) || (!$password2)){
print “You can’t let any fields in blank.\n”; // if the user did not put some field
exit;
}
$name = stripslashes($name);
$email = stripslashes($email);
$age = stripslashes($age);
$login = stripslashes($login);
$password = stripslashes($password);
$password2 = stripslashes($password2);
// this is for security reasons
if($password != $password2){ // if passwords didn’t match
print “The password and the confirmation are not the same!\n”;
exit;
}
$password = md5($password);
mysql_query(”INSERT INTO table (name,email,age,login,password) VALUES (’$name’,'$email’,$age,’$login’,'$password’)”) or die (mysql_error());
print “Done!\n”; // if its okay, show this message
exit;
} // close the first “if”
?>
<form action=”register.php” method=”post”>
Name: <input type=”text” name=”name”><br>
Email: <input type=”text” name=”email”><br>
Age: <input type=”text” name=”age”><br>
Login: <input type=”text” name=”login”><br>
Password: <input type=”password” name=”password”><br>
Password Again: <input type=”password” name=”password2″><br>
<input type=”submit” name=”do_register” value=”Sumbit”>
</form>
And now ‘conn.php’, which is ‘included’ in the above file.
CODE
$host = ‘localhost’;
$user = ‘root’;
$pass = ”;
$db = ‘yourdb’;
mysql_connect($host,$user,$pass) or die (”Database is unavaiable. Please try again later.”);
mysql_select_db($db) or die (”Database is unavaiable. Please try again later.”);
And now, login.php:
CODE
<?
include(”conn.php”);
if($do_login){
$login = stripslashes($login); // VERY IMPORTANT FOR SECURITY OF YOUR DATABASE DON’T ERASE IT
$passwd = stripslashes($passwd); // VERY IMPORTANT FOR SECURITY OF YOUR DATABASE DON’T ERASE IT
$check = mysql_query(”SELECT * FROM table WHERE login=’$login’ LIMIT 1;”);
$user = mysql_fetch_array($check);
if($user[password] == md5($passwd)){ // if the writed password and the db password are the same…
setcookie(”login”,”$login”,time()+360000);
setcookie(”pass”,”$passwd”,time()+360000);
// …set the cookies…
header(”Location: userspage.php”); // …and redirect to restrict page
}else{
print “Login or password incorrects!\n”;
exit;
}
}
?>
<form action=”login.php” method=”post”>
Login: <input type=”text” name=”login”><br>
Passwd: <input type=”password” name=”passwd”>
<input type=”submit” name=”do_login” value=”Log-in!”>
</form>
And finally, userspage.php:
CODE
<?
if(isset($HTTP_COOKIE_VARS[”login”])){
?>
Page contents here
<?
}else{
?>
This page is restrict for registered users only!
<?
}
?>
verify.php:
CODE
<?
include(”conn.php”); // include page with the database connection
$cookie = $HTTP_COOKIE_VARS; // to reduce the var’s name :o)
if($cookie[login] && $cookie[pass]){
$login = $cookie[login];
$pass = $cookie[pass];
$usrquery = mysql_query(”SELECT * FROM members WHERE nick=’$login’ AND password=’$pass’;”) or die (mysql_error()); // search for the user
$user = mysql_fetch_array($usrquery);
if($user[level] != ‘Admin’)
header(”Location: notfound.htm”); // if the user is not an admin, redirect to an error page
}
?>
admin.php:
CODE
<?
include(”verify.php”); // it will verify if the user is an admin
?>
<!– Here, the table with all the members –>
<table width=”100%” border=”0″ cellspacing=”0″ cellpadding=”0″>
<tr>
<td>
<form method=”post” action=”members.php”>
<table width=”100%” border=”0″ cellspacing=”3″ cellpadding=”0″>
<tr bgcolor=”#333333″>
<th width=”6%” class=”header”><font size=”1″>Editar</font></th>
<th width=”1%” class=”header”><font size=”1″>ID</font></th>
<th width=”24%” class=”header”><font size=”1″>Name</font></th>
<th width=”13%” class=”header”><font size=”1″>Age</font></th>
<th width=”40%” class=”header”><font size=”1″>E-Mail</font></th>
<th width=”11%” class=”header”><font size=”1″>Details…</font></th>
</tr>
<?
$query = mysql_query(”SELECT * FROM members ORDER BY id;”);
if(!mysql_fetch_array($query)) // If there is no members
print “<tr><td align=\”center\” colspan=\”7\”><font color=\”#FFFFFF\” size=\”2\”><b>Sorry, there is no members registered.</b></font></td></tr>\n”;
// Show you a message
while($profiles = mysql_fetch_array($query))
{
?>
<tr bgcolor=”#666666″>
<td> <div align=”center”><input type=”checkbox” name=”id[]” value=”<?=$profiles[id]?>”></div></td>
<td> <div align=”center”><?=$profiles[id]?></div></td>
<td> <div align=”center”><?=$profiles[name]?></div></td>
<td> <div align=”center”><?=$profiles[age]?></div></td>
<td> <div align=”center”><?=$profiles[email]?></div></td>
<td> <div align=”center”><a href=”profiles.php?op=edit&id=<?=$profiles[id]?>” target=”_blank”>More info…</a></div></td>
</tr>
<?
}
?>
</table>
</td>
</tr>
</table>
</form>
Done, now, profiles.php (used to see and edit member information):
CODE
<?
include(”verify.php”); // always put this page, or everybody would have access to this page
function Update (&$member, $table, $data)
{
global $id;
$items = explode(” “,$data);
$update = “”;
$i = 0;
while ($tmp = $items[$i++])
{
$data = $member[$tmp];
if (is_numeric($data))
$update .= “$tmp=$data”;
else
{
sqlQuotes($data);
$update .= “$tmp=’$data’”;
}
if ($items[$i]) $update .= “,”;
}
mysql_query(”UPDATE $table SET $update WHERE id=$member[id];”);
}
// this function is really nice!!
switch($op){
case ‘edit’: // if you’re trying to edit/see info
$profile = mysql_fetch_array(mysql_query(”SELECT * FROM members WHERE id=$id;”)); // save the user informations on an variable
?>
<!– now, lets show an table –>
<form action=”profiles.php?op=doedit&memberid=<?=$profile[id]?>” method=”post”>
<table width=”100%” border=”0″ cellspacing=”3″ cellpadding=”0″>
<tr>
<td width=”25%”><font color=”#FFFFFF”>ID</font></td>
<td width=”75%”><input name=”id” type=”text” id=”id” value=”<?=$profile[id]?>” size=”2″></td>
</tr>
<tr>
<td><font color=”#FFFFFF”>Name</font></td>
<td><input name=”name” type=”text” id=”nome” value=”<?=$profile[name]?>” maxlength=”32″></td>
</tr>
<tr>
<td><font color=”#FFFFFF”>Age</font></td>
<td><input name=”age” type=”text” value=”<?=$profile[age]?>” maxlength=”32″></td>
</tr>
<tr>
<td><font color=”#FFFFFF”>Country</font></td>
<td><input name=”country” type=”text” id=”estado” value=”<?=$profile[country]?>” size=”2″ maxlength=”2″></td>
</tr>
<tr>
<td><font color=”#FFFFFF”>City</font></td>
<td><input name=”city” type=”text” id=”cidade” value=”<?=$profile[city]?>”></td>
</tr>
<tr>
<td><font color=”#FFFFFF”>ICQ</font></td>
<td><input name=”icq” type=”text” id=”icq” value=”<?=$profile[icq]?>”></td>
</tr>
<tr>
<td height=”22″><font color=”#FFFFFF”>MSN</font></td>
<td><input name=”msn” type=”text” id=”msn” value=”<?=$profile[msn]?>”></td>
</tr>
<tr>
<td><font color=”#FFFFFF”>HP</font></td>
<td><input name=”hp” type=”text” id=”hp” value=”<?=$profile[hp]?>” size=”40″></td>
</tr>
<tr>
<td><font color=”#FFFFFF”>E-mail</font></td>
<td><input name=”email” type=”text” id=”email” value=”<?=$profile[email]?>” maxlength=”60″></td>
</tr>
<tr>
<td colspan=”2″> </td>
</tr>
<tr>
<td colspan=”2″><div align=”center”>
<input type=”submit” value=”Save”>
<input type=”reset” value=”Reset”>
</div></td>
</tr>
</table>
</form>
<?
break;
case ‘doedit’:
if(!$memberid)
return;
$profile[name] = $name;
$profile[age] = $age;
$profile[country] = $country;
$profile[city] = $city;
$profile[icq] = $icq;
$profile[msn] = $msn;
$profile[hp] = $hp;
$profile[email] = $email;
Update($profile,”members”,”name age country city icq msn hp email”);
mysql_query(”UPDATE members SET id=$id WHERE id=$memberid;”); // update user’s id
EndNow(”Details saved!<br><br><a href=\”admin.php\”>Back</a>”);
break;
}
?>
Try to don’t only copy the code and post into your site. If you do it, you will learn nothing with this tut. I hope it have been usefull for you!
This post has been edited by jlhaslip: Jan 6 2006, 07:58 AM
Webhosting - 0.99$/Pay monthly 1 GB Space, 5GB BW, Cpanel etcdel.icio.us Digg it Earthlink Furl iFeedReaders ma.gnolia Maple.nu Netvouz Netscape RawSugar reddit Scuttle Shadows Simpy Spurl StumbleUpon Wink Yahoo MyWeb
