Jump to content

[URGENT REQUEST] Edit Password and Profile coding php

jenny21

By jenny21
in PHP Coding Help

 Share

Recommended Posts

jenny21 Newbie

jenny21

Posted
Posted

Hello my name is Jenny from asia, I would like to request help for develop this script login

I would like to request to you guys, how to create coding for edit password and edit profile for this scripts i share bellow :

 

description

  1.  config.php - This script contains the database connection details. Edit this file to specify your own database's connection details.

  2. register-form.php - A simple registration form

  3. register-exec.php - Handler script for the the above form. This script will create member accounts for you.

  4. login-form.php - Login form

  5. login-exec.php - Handler script for the above login form. This script authenticates the login details and then sets up a session for the user.

  6. logout.php - Script used to logout a user from the session.

  7. member-index.php - Sample password protected page.

  8. member-profile.php - Sample password protected page.

  9. auth.php - Include this script at the top of any page you want to password protect. This script checks whether the user is logged in or not.

 

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Login Form</title>

<link href="loginmodule.css" rel="stylesheet" type="text/css" />

</head>

<body>

<p> </p>

<form id="loginForm" name="loginForm" method="post" action="login-exec.php">

  <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">

    <tr>

      <td width="112"><b>Login</b></td>

      <td width="188"><input name="login" type="text" class="textfield" id="login" /></td>

    </tr>

    <tr>

      <td><b>Password</b></td>

      <td><input name="password" type="password" class="textfield" id="password" /></td>

    </tr>

    <tr>

      <td> </td>

      <td><input type="submit" name="Submit" value="Login" /></td>

    </tr>

  </table>

</form>

</body>

</html>

 

Login-Exec as the process login checking

 

<?php

//Start session

session_start();

 

//Include database connection details

require_once('config.php');

 

//Array to store validation errors

$errmsg_arr = array();

 

//Validation error flag

$errflag = false;

 

//Connect to mysql server

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if(!$link) {

die('Failed to connect to server: ' . mysql_error());

}

 

//Select database

$db = mysql_select_db(DB_DATABASE);

if(!$db) {

die("Unable to select database");

}

 

//Function to sanitize values received from the form. Prevents SQL injection

function clean($str) {

$str = @trim($str);

if(get_magic_quotes_gpc()) {

$str = stripslashes($str);

}

return mysql_real_escape_string($str);

}

 

//Sanitize the POST values

$login = clean($_POST['login']);

$password = clean($_POST['password']);

 

//Input Validations

if($login == '') {

$errmsg_arr[] = 'Login ID missing';

$errflag = true;

}

if($password == '') {

$errmsg_arr[] = 'Password missing';

$errflag = true;

}

 

//If there are input validations, redirect back to the login form

if($errflag) {

$_SESSION['ERRMSG_ARR'] = $errmsg_arr;

session_write_close();

header("location: login-form.php");

exit();

}

 

//Create query

$qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";

$result=mysql_query($qry);

 

//Check whether the query was successful or not

if($result) {

if(mysql_num_rows($result) == 1) {

//Login Successful

session_regenerate_id();

$member = mysql_fetch_assoc($result);

$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];

$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];

$_SESSION['SESS_LAST_NAME'] = $member['lastname'];

session_write_close();

header("location: member-index.php");

exit();

}else {

//Login failed

header("location: login-failed.php");

exit();

}

}else {

die("Query failed");

}

?>

 

If users not exist will be redirect here

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Login Failed</title>

<link href="loginmodule.css" rel="stylesheet" type="text/css" />

</head>

<body>

<h1>Login Failed </h1>

<p align="center"> </p>

<h4 align="center" class="err">Login Failed!<br />

  Please check your username and password</h4>

</body>

</html>

 

Config.php

<?php

define('DB_HOST', 'localhost');

    define('DB_USER', 'admin');

    define('DB_PASSWORD', '');

    define('DB_DATABASE', 'l');

?>

 

 

This is for register form

 

<?php

session_start();

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Login Form</title>

<link href="loginmodule.css" rel="stylesheet" type="text/css" />

</head>

<body>

<?php

if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {

echo '<ul class="err">';

foreach($_SESSION['ERRMSG_ARR'] as $msg) {

echo '<li>',$msg,'</li>';

}

echo '</ul>';

unset($_SESSION['ERRMSG_ARR']);

}

?>

<form id="loginForm" name="loginForm" method="post" action="register-exec.php">

  <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">

    <tr>

      <th>First Name </th>

      <td><input name="fname" type="text" class="textfield" id="fname" /></td>

    </tr>

    <tr>

      <th>Last Name </th>

      <td><input name="lname" type="text" class="textfield" id="lname" /></td>

    </tr>

    <tr>

      <th width="124">Login</th>

      <td width="168"><input name="login" type="text" class="textfield" id="login" /></td>

    </tr>

    <tr>

      <th>Password</th>

      <td><input name="password" type="password" class="textfield" id="password" /></td>

    </tr>

    <tr>

      <th>Confirm Password </th>

      <td><input name="cpassword" type="password" class="textfield" id="cpassword" /></td>

    </tr>

    <tr>

      <td> </td>

      <td><input type="submit" name="Submit" value="Register" /></td>

    </tr>

  </table>

</form>

</body>

</html>

 

and register process

 

<?php

//Start session

session_start();

 

//Include database connection details

require_once('config.php');

 

//Array to store validation errors

$errmsg_arr = array();

 

//Validation error flag

$errflag = false;

 

//Connect to mysql server

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if(!$link) {

die('Failed to connect to server: ' . mysql_error());

}

 

//Select database

$db = mysql_select_db(DB_DATABASE);

if(!$db) {

die("Unable to select database");

}

 

//Function to sanitize values received from the form. Prevents SQL injection

function clean($str) {

$str = @trim($str);

if(get_magic_quotes_gpc()) {

$str = stripslashes($str);

}

return mysql_real_escape_string($str);

}

 

//Sanitize the POST values

$fname = clean($_POST['fname']);

$lname = clean($_POST['lname']);

$login = clean($_POST['login']);

$password = clean($_POST['password']);

$cpassword = clean($_POST['cpassword']);

 

//Input Validations

if($fname == '') {

$errmsg_arr[] = 'First name missing';

$errflag = true;

}

if($lname == '') {

$errmsg_arr[] = 'Last name missing';

$errflag = true;

}

if($login == '') {

$errmsg_arr[] = 'Login ID missing';

$errflag = true;

}

if($password == '') {

$errmsg_arr[] = 'Password missing';

$errflag = true;

}

if($cpassword == '') {

$errmsg_arr[] = 'Confirm password missing';

$errflag = true;

}

if( strcmp($password, $cpassword) != 0 ) {

$errmsg_arr[] = 'Passwords do not match';

$errflag = true;

}

 

//Check for duplicate login ID

if($login != '') {

$qry = "SELECT * FROM members WHERE login='$login'";

$result = mysql_query($qry);

if($result) {

if(mysql_num_rows($result) > 0) {

$errmsg_arr[] = 'Login ID already in use';

$errflag = true;

}

@mysql_free_result($result);

}

else {

die("Query failed");

}

}

 

//If there are input validations, redirect back to the registration form

if($errflag) {

$_SESSION['ERRMSG_ARR'] = $errmsg_arr;

session_write_close();

header("location: register-form.php");

exit();

}

 

//Create INSERT query

$qry = "INSERT INTO members(firstname, lastname, login, passwd) VALUES('$fname','$lname','$login','".md5($_POST['password'])."')";

$result = @mysql_query($qry);

 

//Check whether the query was successful or not

if($result) {

header("location: register-success.php");

exit();

}else {

die("Query failed");

}

?>

 

Now I'm really confused to coding edit password and edit-process.php

because the script use MD5 protection

 

Please help me to build coding content edit password and profile. I will wait for your reply very soon mate

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.