Jump to content

[URGENT REQUEST] Edit Password and Profile coding php

jenny21

By jenny21
in PHP Coding Help

Recommended Posts

jenny21 Newbie

jenny21

Posted
Posted

Hello my name is Jenny from asia, I would like to request help for develop this script login

I would like to request to you guys, how to create coding for edit password and edit profile for this scripts i share bellow :

 

description

  1.  config.php - This script contains the database connection details. Edit this file to specify your own database's connection details.

  2. register-form.php - A simple registration form

  3. register-exec.php - Handler script for the the above form. This script will create member accounts for you.

  4. login-form.php - Login form

  5. login-exec.php - Handler script for the above login form. This script authenticates the login details and then sets up a session for the user.

  6. logout.php - Script used to logout a user from the session.

  7. member-index.php - Sample password protected page.

  8. member-profile.php - Sample password protected page.

  9. auth.php - Include this script at the top of any page you want to password protect. This script checks whether the user is logged in or not.

 

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Login Form</title>

<link href="loginmodule.css" rel="stylesheet" type="text/css" />

</head>

<body>

<p> </p>

<form id="loginForm" name="loginForm" method="post" action="login-exec.php">

  <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">

    <tr>

      <td width="112"><b>Login</b></td>

      <td width="188"><input name="login" type="text" class="textfield" id="login" /></td>

    </tr>

    <tr>

      <td><b>Password</b></td>

      <td><input name="password" type="password" class="textfield" id="password" /></td>

    </tr>

    <tr>

      <td> </td>

      <td><input type="submit" name="Submit" value="Login" /></td>

    </tr>

  </table>

</form>

</body>

</html>

 

Login-Exec as the process login checking

 

<?php

//Start session

session_start();

 

//Include database connection details

require_once('config.php');

 

//Array to store validation errors

$errmsg_arr = array();

 

//Validation error flag

$errflag = false;

 

//Connect to mysql server

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if(!$link) {

die('Failed to connect to server: ' . mysql_error());

}

 

//Select database

$db = mysql_select_db(DB_DATABASE);

if(!$db) {

die("Unable to select database");

}

 

//Function to sanitize values received from the form. Prevents SQL injection

function clean($str) {

$str = @trim($str);

if(get_magic_quotes_gpc()) {

$str = stripslashes($str);

}

return mysql_real_escape_string($str);

}

 

//Sanitize the POST values

$login = clean($_POST['login']);

$password = clean($_POST['password']);

 

//Input Validations

if($login == '') {

$errmsg_arr[] = 'Login ID missing';

$errflag = true;

}

if($password == '') {

$errmsg_arr[] = 'Password missing';

$errflag = true;

}

 

//If there are input validations, redirect back to the login form

if($errflag) {

$_SESSION['ERRMSG_ARR'] = $errmsg_arr;

session_write_close();

header("location: login-form.php");

exit();

}

 

//Create query

$qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";

$result=mysql_query($qry);

 

//Check whether the query was successful or not

if($result) {

if(mysql_num_rows($result) == 1) {

//Login Successful

session_regenerate_id();

$member = mysql_fetch_assoc($result);

$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];

$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];

$_SESSION['SESS_LAST_NAME'] = $member['lastname'];

session_write_close();

header("location: member-index.php");

exit();

}else {

//Login failed

header("location: login-failed.php");

exit();

}

}else {

die("Query failed");

}

?>

 

If users not exist will be redirect here

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Login Failed</title>

<link href="loginmodule.css" rel="stylesheet" type="text/css" />

</head>

<body>

<h1>Login Failed </h1>

<p align="center"> </p>

<h4 align="center" class="err">Login Failed!<br />

  Please check your username and password</h4>

</body>

</html>

 

Config.php

<?php

define('DB_HOST', 'localhost');

    define('DB_USER', 'admin');

    define('DB_PASSWORD', '');

    define('DB_DATABASE', 'l');

?>

 

 

This is for register form

 

<?php

session_start();

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Login Form</title>

<link href="loginmodule.css" rel="stylesheet" type="text/css" />

</head>

<body>

<?php

if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {

echo '<ul class="err">';

foreach($_SESSION['ERRMSG_ARR'] as $msg) {

echo '<li>',$msg,'</li>';

}

echo '</ul>';

unset($_SESSION['ERRMSG_ARR']);

}

?>

<form id="loginForm" name="loginForm" method="post" action="register-exec.php">

  <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">

    <tr>

      <th>First Name </th>

      <td><input name="fname" type="text" class="textfield" id="fname" /></td>

    </tr>

    <tr>

      <th>Last Name </th>

      <td><input name="lname" type="text" class="textfield" id="lname" /></td>

    </tr>

    <tr>

      <th width="124">Login</th>

      <td width="168"><input name="login" type="text" class="textfield" id="login" /></td>

    </tr>

    <tr>

      <th>Password</th>

      <td><input name="password" type="password" class="textfield" id="password" /></td>

    </tr>

    <tr>

      <th>Confirm Password </th>

      <td><input name="cpassword" type="password" class="textfield" id="cpassword" /></td>

    </tr>

    <tr>

      <td> </td>

      <td><input type="submit" name="Submit" value="Register" /></td>

    </tr>

  </table>

</form>

</body>

</html>

 

and register process

 

<?php

//Start session

session_start();

 

//Include database connection details

require_once('config.php');

 

//Array to store validation errors

$errmsg_arr = array();

 

//Validation error flag

$errflag = false;

 

//Connect to mysql server

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if(!$link) {

die('Failed to connect to server: ' . mysql_error());

}

 

//Select database

$db = mysql_select_db(DB_DATABASE);

if(!$db) {

die("Unable to select database");

}

 

//Function to sanitize values received from the form. Prevents SQL injection

function clean($str) {

$str = @trim($str);

if(get_magic_quotes_gpc()) {

$str = stripslashes($str);

}

return mysql_real_escape_string($str);

}

 

//Sanitize the POST values

$fname = clean($_POST['fname']);

$lname = clean($_POST['lname']);

$login = clean($_POST['login']);

$password = clean($_POST['password']);

$cpassword = clean($_POST['cpassword']);

 

//Input Validations

if($fname == '') {

$errmsg_arr[] = 'First name missing';

$errflag = true;

}

if($lname == '') {

$errmsg_arr[] = 'Last name missing';

$errflag = true;

}

if($login == '') {

$errmsg_arr[] = 'Login ID missing';

$errflag = true;

}

if($password == '') {

$errmsg_arr[] = 'Password missing';

$errflag = true;

}

if($cpassword == '') {

$errmsg_arr[] = 'Confirm password missing';

$errflag = true;

}

if( strcmp($password, $cpassword) != 0 ) {

$errmsg_arr[] = 'Passwords do not match';

$errflag = true;

}

 

//Check for duplicate login ID

if($login != '') {

$qry = "SELECT * FROM members WHERE login='$login'";

$result = mysql_query($qry);

if($result) {

if(mysql_num_rows($result) > 0) {

$errmsg_arr[] = 'Login ID already in use';

$errflag = true;

}

@mysql_free_result($result);

}

else {

die("Query failed");

}

}

 

//If there are input validations, redirect back to the registration form

if($errflag) {

$_SESSION['ERRMSG_ARR'] = $errmsg_arr;

session_write_close();

header("location: register-form.php");

exit();

}

 

//Create INSERT query

$qry = "INSERT INTO members(firstname, lastname, login, passwd) VALUES('$fname','$lname','$login','".md5($_POST['password'])."')";

$result = @mysql_query($qry);

 

//Check whether the query was successful or not

if($result) {

header("location: register-success.php");

exit();

}else {

die("Query failed");

}

?>

 

Now I'm really confused to coding edit password and edit-process.php

because the script use MD5 protection

 

Please help me to build coding content edit password and profile. I will wait for your reply very soon mate

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.