webby121 Posted March 16, 2011 Share Posted March 16, 2011 Hi im trying to create a sign up page for my website that contains different paths dependin on the membership that you select. I am an unexperienced programmer and need help as nothing is working at the moment. I would appreciate if people could reply to this post as soon as possible as I need it sorted today! Below is my code! Can you please send me suggestive improvement? Thanks <?php if (isset ($_POST['firstname'])){ //grab data from the form $username = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['username']); // filter everything but letters and numbers $firstname = preg_replace('#[^A-Za-z]#i', '', $_POST['firstname']); // filter everything but Letters $lastname = preg_replace('#[^A-Za-z]#i', '', $_POST['lastname']); // filter everything but Letters $phone = preg_replace('#[^0-9]#i', '', $_POST['phone']); // filter everything but numbers $address= preg_replace('#[^A-Za-z]#i', '', $_POST['address']); // filter everything but Letters $postcode= preg_replace('#[^A-Za-z]#i', '', $_POST['postcode']); // filter everything but Letters $town= preg_replace('#[^A-Za-z]#i', '', $_POST['town']); // filter everything but Letters $housenumber= preg_replace('#[^0-9]#i', '', $_POST['housenumber']); // filter everything but numbers $b_m = preg_replace('#[^0-9]#i', '', $_POST['birth_month']); // filter everything but numbers $b_d = preg_replace('#[^0-9]#i', '', $_POST['birth_day']); // filter everything but numbers $b_y = preg_replace('#[^0-9]#i', '', $_POST['birth_year']); // filter everything but numbers $email1 = $_POST['email1']; $email2 = $_POST['email2']; $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; $email1 = stripslashes($email1); $pass1 = stripslashes($pass1); $email2 = stripslashes($email2); $pass2 = stripslashes($pass2); $email1 = strip_tags($email1); $pass1 = strip_tags($pass1); $email2 = strip_tags($email2); $pass2 = strip_tags($pass2); //connect to db $connection = mysql_connect('linuxproj.ecs.soton.ac.uk', 'db_alw3g08', 'pasta'); $db = mysql_select_db('db_alw3g08', $connection); $emailCHecker = mysql_real_escape_string($email1); $emailCHecker = str_replace("`", "", $emailCHecker); // Database duplicate username check setup for use below in the error handling if else conditionals $sql_uname_check = mysql_query("SELECT username FROM Members WHERE username='$username'"); $uname_check = mysql_num_rows($sql_uname_check); // Database duplicate e-mail check setup for use below in the error handling if else conditionals $sql_email_check = mysql_query("SELECT email FROM Members WHERE email='$emailCHecker'"); $email_check = mysql_num_rows($sql_email_check); // Error handling for missing data if ((!$username) || (!$firstname) || (!$lastname) || (!$address) || (!$postcode) || (!$town) || (!$b_m) || (!$b_d) || (!$b_y) || (!$email1) || (!$email2) || (!$pass1) || (!$pass2)) { $errorMsg = 'ERROR: You did not submit the following required information:<br /><br />'; if(!$username){ $errorMsg .= ' * User Name<br />'; } if(!$firstname){ $errorMsg .= ' * First Name<br />'; } if(!$lastname){ $errorMsg .= ' * Last Name<br />'; } if(!$address){ $errorMsg .= ' * Address<br />'; } if(!$postcode){ $errorMsg .= ' * postcode<br />'; } if(!$town){ $errorMsg .= ' * town<br />'; } if(!$b_m){ $errorMsg .= ' * Birth Month<br />'; } if(!$b_d){ $errorMsg .= ' * Birth Day<br />'; } if(!$b_y){ $errorMsg .= ' * Birth year<br />'; } if(!$email1){ $errorMsg .= ' * Email Address<br />'; } if(!$email2){ $errorMsg .= ' * Confirm Email Address<br />'; } if(!$pass1){ $errorMsg .= ' * Login Password<br />'; } if(!$pass2){ $errorMsg .= ' * Confirm Login Password<br />'; } } else if ($email1 != $email2) { $errorMsg = 'ERROR: Your Email fields below do not match<br />'; } else if ($pass1 != $pass2) { $errorMsg = 'ERROR: Your Password fields below do not match<br />'; } else if (strlen($username) < 6) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 6 - 20 characters please.<br />"; } else if (strlen($username) > 20) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 6 - 20 characters please.<br />"; } else if ($uname_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />"; } else if ($email_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />"; } else { // Error handling is ended, process the data and add member to database $email1 = mysql_real_escape_string($email1); $pass1 = mysql_real_escape_string($pass1); // Add MD5 Hash to the password variable $password = md5($pass1); // Convert Birthday to a DATE field type format(YYYY-MM-DD) out of the month, day, and year supplied $dateofbirth = "$b_y-$b_m-$b_d"; // Add user info into the database table for the main site table $sql = mysql_query("INSERT INTO members (username, firstname, lastname, email, password, dateofbirth, phone, lastlogin) VALUES('$username','$firstname','$lastname','$email1','$password', '$dateofbirth','$phone', now())") or die (mysql_error()); $sql = mysql_query("INSERT INTO address (address, postcode, town, housenumber) VALUES('$adress','$postcode,'$town','$housenumber'") or die (mysql_error()); $id = mysql_insert_id() } else { // if the form is not posted with variables, place default empty variables so no warnings or errors show $errorMsg = ""; $username = ""; $firstname = ""; $lastname = ""; $phone = ""; $address = ""; $postcode = ""; $town = ""; $housenumber = ""; $b_m = ""; $b_d = ""; $b_y = ""; $email1 = ""; $email2 = ""; $pass1 = ""; $pass2 = ""; } Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/ Share on other sites More sharing options...
Adam Posted March 16, 2011 Share Posted March 16, 2011 Are you requesting a review of the code here, or have a specific problem with it? Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188122 Share on other sites More sharing options...
webby121 Posted March 16, 2011 Author Share Posted March 16, 2011 Hi Im having an issue with it as it seems none of it works! I havent worked with more then one table before so im not sure how you input data into multiple tables that contain foreign keys. Can you please check by code and re write any issues that you may find! Regards Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188126 Share on other sites More sharing options...
Adam Posted March 16, 2011 Share Posted March 16, 2011 If you can name some specific errors/problems one (or even a couple) at a time, I'm happy to help. I'm not going to debug & fix the whole code for you though. Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188128 Share on other sites More sharing options...
webby121 Posted March 16, 2011 Author Share Posted March 16, 2011 At the moment there is no error message! When I select the sign up page nothing appears apart from a blank page? Regards Alex Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188132 Share on other sites More sharing options...
floridaflatlander Posted March 16, 2011 Share Posted March 16, 2011 Do you have your display errors set to off? Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188160 Share on other sites More sharing options...
webby121 Posted March 16, 2011 Author Share Posted March 16, 2011 sorry im not to sure what you mean? how do you change it to on? Thanks for the reply Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188161 Share on other sites More sharing options...
floridaflatlander Posted March 16, 2011 Share Posted March 16, 2011 If you are on a your own computer search your php.ini file and find and set the value to on, like display_errors = on If you are on a public host go to your control panel and set it to on but be aware that anyone that goes to your site can see your errors and info while it is on. Also where is your database connection? if they are signing up for the first time what are they inserting into? I see several semicolons missing. Turning your diplay errors on will be a God send. Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188164 Share on other sites More sharing options...
webby121 Posted March 16, 2011 Author Share Posted March 16, 2011 The database connection is provided but im not sure if it is the right area? The user signs up there information on a form! Can you please re write my script? Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188165 Share on other sites More sharing options...
floridaflatlander Posted March 16, 2011 Share Posted March 16, 2011 Not me, maybe you can go to the phpfreaks php freelancing board and get help. Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188170 Share on other sites More sharing options...
floridaflatlander Posted March 16, 2011 Share Posted March 16, 2011 PS I hope that info in your connection isn't your real pw and db. If it is you need to change it ASAP or yesterday as one of my old bosses used to say. Anyway go to the free lancing board if your in a hurry or take your time and play with it. Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188174 Share on other sites More sharing options...
webby121 Posted March 16, 2011 Author Share Posted March 16, 2011 how do u delete posts Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188176 Share on other sites More sharing options...
jamesjmann Posted March 16, 2011 Share Posted March 16, 2011 You definitely need help... For one, you're going to want to change the if ($_POST["firstname"]) to if ($_POST["submit"]), where $_POST["submit"] is the submit button. So, <?php $submit = $_POST["submit"]; //If the submit button has been pressed if ($submit) { //process information //handle errors //if none, login/register user //If the submit button has not yet been pressed } else { ?> display form html <?php } ?> Also, I find that error trapping works best when done like this: <?php display_form() { $signup_form = "html form"; return $signup_form; //NOTE: In the html of the form, you could write if statements underneath each field checking to see which errors were found, and then displaying the messages for those errors. For example: echo "<input type="text" name="name" id="name"><br>"; if ($name_format) { echo "The format for your name is wrong!"; } } //Errors_found is initially false $errors_found = false; if ($email == 0 || $email == false || !isset($email)) { $errors_found = true; } //The above if statement would be used to check all fields to make sure they are not empty. //Then, you could use regular expressions to check the format of the email, username, password, or any other field if (!ereg("^[[:alpha:]](\_)*(\-)*([a-z0-9-A-Z])*", $username)) { $errors_found = true; //Create new variable that displays error message in form if true $username_format = true; } //After you are done using if statements to check all of the fields, you would then start your "action" code like this: //If any errors were found if ($errors_found) { display_form(); } else { //Registers user mysql_query(INSERT INTO members VALUES values); //Puts member in table of offline members, til he/she logs in mysql_query(INSERT INTO members_offline (username) VALUES ($username)); mysql_close(); } ?> Also, you may have to declare some variables global in order to pass them from the function to the main script and vice versa. Hope this helps! Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188187 Share on other sites More sharing options...
webby121 Posted March 16, 2011 Author Share Posted March 16, 2011 Your right there im only a basic programmer! Can you go through my code if you dont mind and show me all the errors you can find? Regards Alex Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188191 Share on other sites More sharing options...
jamesjmann Posted March 16, 2011 Share Posted March 16, 2011 Your right there im only a basic programmer! Can you go through my code if you dont mind and show me all the errors you can find? Regards Alex If you want you can just use my script. It works really nice and has a lot of great features. You may have to create a separate file called connect.php and select.php for connecting to and selecting your database, respectively. Also, just replace my form variables with your own. Register.php <?php //**************************************** //***************Includes*************** //**************************************** require_once "arrays.php"; require_once "connect.php"; require_once "select.php"; //**************************************** //****************Action****************** //**************************************** switch ($_GET["action"] { default: case "index": //If the user is not a member already if (!$_SESSION["member"]) { display_form(); } else { //Tell them that they are already a member echo "You are already a member."; } break; case "process": //If the user is not logged in (not a member) if (!$_SESSION["member"]) { //And if the submit button has been clicked... if (isset($nm_submit)) { //Process the registration form process_form(); } else { //If the user did not click the submit button echo "Either you have not filled out all of the information or you ended up her by mistake! Please hit the back button to start over."; } } else { //If the user is logged in, tell them they are already a member echo "You are already a member."; } break; } //**************************************** //***************Functions**************** //**************************************** //........................................ //........Function 1: display_form()...... //........................................ function display_form() { global $mysql_connect; echo "<form name='registration_form' action='?action=process' method='post'> <label for='name'>*Name: </label> <input type='text' name='name' id='name' value='$nm_name'> <label>*Birthdate: </label>"; $dates_months_select = "<select name='bd_month' id='bd_month'>"; foreach ($dates_months as $value => $label) { $dates_months_select .= "<option value='$value'"; if ($nm_bd_month == $value) { $dates_months_select .= " SELECTED"; } $dates_months_select .= ">$label</option>"; } $dates_months_select .= "</select>"; echo $dates_months_select; $dates_days_select = "<select name='bd_day' id='bd_day'>"; foreach ($dates_days as $value => $label) { $dates_days_select .= "<option value='$value'"; if ($nm_bd_day == $value) { $dates_months_select .= " SELECTED"; } $dates_days_select .= ">$label</option>"; } $dates_days_select .= "</select>"; echo $dates_days_select; $dates_years_select = "<select name='bd_year' id='bd_year'>"; foreach ($dates_years as $value => $label) { $dates_years_select .= "<option value='$value'"; if ($nm_bd_year == $value) { $dates_years_select .= " SELECTED"; } $dates_years_select .= ">$label</option>"; } $dates_years_select .= "</select>"; echo $dates_years_select; echo "<label for='country'>*Country: </label>"; $regions_countries_select = "<select name='country' id='country'>"; foreach ($regions_countries as $value => $label) { $regions_countries_select .= "<option value='$value'"; if ($nm_country == $value) { $regions_countries_select .= " SELECTED"; } $regions_countries_select .= ">$label</option>"; } $regions_countries_select .= "</select>"; echo $regions_countries_select; echo "<label for='region'>*State/Region: </label> <input type='text' name='region' id='region' value='$nm_region'> <label for='gender'>*Gender: </label> <label>Male</label> <input type='radio' name='gender' id='gender_male' "; if ($nm_gender == "Male") { echo "SELECTED >"; } echo "<label>Female</label> <input type='radio' name='gender' id='gender_female' "; if ($nm_gender == "Female") { echo "SELECTED >"; } echo "<label for='website'>Website: </label> <input type='text' name='website' id='website' value='$nm_website'> <label for='email'>Email: </label> <input type='text' name='email' id='email' value='$nm_email'>"; if ($nm_field_fm_em) { echo $nm_field_fm_em_msg; } if ($nm_field_ex_em) { echo $nm_field_ex_em_msg; } echo "<label for='username'>Username: </label> <input type='text' name='username' id='username' value='$nm_username'>"; if ($nm_field_fm_un) { echo $nm_field_fm_un_msg; } if ($nm_field_ex_un) { echo $nm_field_ex_un_msg; } echo "<label for='password'>Password: </label> <input type='password' name='password' id='password'>"; if ($nm_field_mt_pw) { echo $nm_field_mt_pw_msg; } echo "<label for='password_confirm'>Confirm Password: </label> <input type='password' name='password_confirm' id='password_confirm'>"; if ($nm_field_mt_pw) { echo $nm_field_mt_pw_msg; } echo "<input type='check' name='newsletter' id='newsletter' CHECKED> <label for='newsletter'>Sign me up for the newsletter!</label> <input type='check' name='tos' id='tos'> <label for='tos'>I agree to the terms of service.</label> <input type='hidden' name='date' id='date' value='"; echo date('F d, Y') . "'>"; echo "<input type='hidden' name='time' id='time' value='"; echo date('g:I:sa') . "'>"; echo "<input type='submit' name='submit' id='submit'> <input type='reset' name='reset' id='reset'> </form>"; } //........................................ //........Function 2: process_form()...... //........................................ function process_form() { global $mysql_connect; //**************************************** //**************Variables*************** //**************************************** //-------------------------------------------------- //---------------Error Trapping--------------- //-------------------------------------------------- $nm_field_fm_un_msg = "*Username must start with a letter and can only contain numbers, underscores, and hyphens."; $nm_field_fm_em_msg = "*You have not entered a correct email format."; $nm_field_ex_un_msg = "*This username already exists!"; $nm_field_ex_em_msg = "*This email address is already in use!"; $nm_field_mt_pw_msg = "*The passwords you entered do not match!"; //-------------------------------------------------- //----------------Invalid Fields---------------- //-------------------------------------------------- $_SESSION["nm_field_fm_un"] = false; $_SESSION["nm_field_fm_em"] = false; $_SESSION["nm_field_ex_un"] = false; $_SESSION["nm_field_ex_em"] = false; $_SESSION["nm_field_mt_pw"] = false; //-------------------------------------------------- //--------------Form Elements-------------- //-------------------------------------------------- //"Strips" any slashes from values and converts html tags into ascii characters; also prevents mysql injection attacks $nm_name = htmlentities (stripslashes (mysql_real_escape_string ($_POST["name"]))); $nm_region = htmlentities (stripslashes (mysql_real_escape_string ($_POST["region"]))); $nm_website = htmlentities (stripslashes (mysql_real_escape_string ($_POST["website"]))); $nm_email = htmlentites (stripslashes (mysql_real_escape_string ($_POST["email"]))); $nm_username = htmlentities (stripslashes (mysql_real_escape_string ($_POST["username"]))); $nm_password = htmlentities (stripslashes (mysql_real_escape_string ($_POST["password"]))); //Drop-downs, radio groups, check boxes, and submit buttons $nm_passwordconfirm = $_POST["password_confirm"]; $nm_date = $_POST["date"]; $nm_time = $_POST["time"]; $nm_country = $_POST["country"]; $nm_gender = $_POST["gender"]; $nm_submit = $_POST["submit"]; $nm_birthdate = $nm_bd_month . " " . $nm_bd_day . ", " . $nm_bd_year; $nm_bd_month = $_POST["bd_month"]; $nm_bd_day = $_POST["bd_day"]; $nm_bd_year = $_POST["bd_year"]; $nm_age = $current_year - $nm_bd_year; $nm_subscribe = $_POST["newsletter"]; $nm_tos = $_POST["tos"]; //-------------------------------------------------- //--------------Miscellaneous--------------- //-------------------------------------------------- //Get current year $current_year = echo date('Y'); //**************************************** //*********Initial If Statements********* //**************************************** //Check Email Format if(!ereg("^[^@]+@([a-z0-9\-]+\.)+[a-z]{2,4}$", $nm_email)) { $nm_errors_found = true; $_SESSION["nm_field_fm_em"] = true; } //Check Username Format if(!ereg("^[[:alpha:]](\_)*(\-)*([a-z0-9-A-Z])*", $nm_username)) { $nm_errors_found = true; $_SESSION["nm_field_fm_un"] = true; } //Check To See If Email Already Exists $email_check = mysql_query("SELECT email FROM fans WHERE email = '$nm_email'"); $do_email_check = mysql_num_rows($email_check); if ($do_email_check > 0) { $nm_errors_found = true; $_SESSION["nm_field_ex_em"] = true; } //Check To See If Username Already Exists $username_check = mysql_query("SELECT username FROM fans WHERE username = '$nm_username'"); $do_username_check = mysql_num_rows($username_check); if ($do_username_check > 0) { $nm_errors_found = true; $_SESSION["nm_field_ex_un"] = true; } //Check To See If Both Passwords Match if ($nm_password != $nm_passwordconfirm) { $nm_errors_found = true; $_SESSION["nm_field_mt_pw"] = true; } //If errors were found, refresh page to show login form if ($nm_errors_found) { display_form(); //If no errors were found... } else { //Register member mysql_query(INSERT INTO fans (id, name, birthdate, country, region, gender, website, email, username, password, date_registered, time_registered, age) VALUES ("", $nm_name, $nm_birthdate, $nm_country, $nm_region, $nm_gender, $nm_website, $nm_email, $nm_username, $nm_password, $nm_date, $nm_time, $nm_age)); //If member clicked the "subscribe to newsletter" box, add member to table "subscribers" if (isset($nm_subscribe)) { mysql_query(INSERT INTO fans_subscribers (username, email) VALUES ($nm_username, $nm_email)); } //Insert member into "offline" table; member remains in this table until he/she logs in for the first time mysql_query(INSERT INTO fans_offline (username) VALUES ($nm_username)); //Close connection mysql_close; //Display "welcome" message echo "Welcome, $nm_username! You may now proceed <A HREF=\"../login.php\">here</A> to login."; //Empty error values from session array unset ($_SESSION["nm_field_fm_un"]); unset ($_SESSION["nm_field_fm_em"]); unset ($_SESSION["nm_field_ex_un"]); unset ($_SESSION["nm_field_ex_em"]); unset ($_SESSION["nm_field_mt_pw"]); } } ?> Login.php <?php //**************************************** //***************Includes***************** //**************************************** require_once "connect.php"; require_once "select.php"; //**************************************** //****************Action****************** //**************************************** switch ($_GET["action"]) { default: case "index": if (!$_SESSION["member"]) { if (!$timeout) { display_form(); } else { echo $timeout_error; } } else { echo "You are already logged in."; } break; case "process": if (!$_SESSION["member"]) { if (!$timeout) { process_form(); } else { echo $timeout_error; } } else { echo "You are already logged in."; } break; } //**************************************** //***************Functions**************** //**************************************** //........................................ //........Function 1: display_form()...... //........................................ function display_form() { global $mysql_connect; echo " <form name=\"login_form\" action=\"?action=process\" method=\"post\">"; if ($rm_field_un || $rm_field_pw) { echo $rm_errors_msg; } echo "<label for="username">Username: </label> <input type=\"text\" name=\"username\" id=\"username\" value=\"$rm_username\"> <label for=\"password\">Password: </label> <input type=\"password\" name=\"password\" id=\"password\"> <a href=\"../fans/forgot_password.php\">Forgot Password?</a> <input type=\"check\" name=\"rememberme_check\" id=\"rememberme_check\" CHECKED> <label for=\"rememberme_check\">Remember me for: </label> <input type=\"text\" name=\"rememberme_days\" id=\"rememberme_days\" value=\"$rememberme_days\"> days <input type=\"hidden\" name=\"ip\" id=\"ip\" value=\""; echo $_SERVER["REMOTE_ADDR"]; echo "\">"; <input type=\"hidden\" name=\"date\" id=\"date\" value=\""; echo date('F d, Y'); echo "\">; <input type=\"hidden\" name=\"time\" id=\"time\" value=\""; echo date('g:I:sa'); echo "\">"; echo "<input type=\"submit\" name=\"submit\" id=\"submit\"> <input type=\"reset\" name=\"reset\" id=\"reset\"> "; } //........................................ //........Function 2: process_form()...... //........................................ function process_form() { global $mysql_connect; //,,,,,,,,,,,,,,,,,,,,,,,,,,,,, //,,,,,,,,,Validation,,,,,,,,,, //,,,,,,,,,,,,,,,,,,,,,,,,,,,,, //When user has failed to login 5 times, a cookie will be created that won't allow them to login until the cookie has expired //In this case, it's 24 hours if ($_SESSION["max_tries"] == 5) { setcookie ("timeout", "timeout", time() + 86400, ".djsmiley.net"); } //While the cookie exists, their timeout exists while ($_COOKIE["timeout"]) { timeout = true; } //Check database to see if both username and password are correct $rm_cl_sql = "SELECT * FROM fans WHERE username = '$rm_username' and password = '$rm_password'"; $rm_cl_result = mysql_query($rm_cl_sql); $rm_cl_count = mysql_num_rows($rm_cl_result); //If username and password do not match... if (!$rm_cl_count) { $rm_errors_found = true; $rm_field_un = true; $rm_field_pw = true; } else { $rm_errors_none = true; $rm_field_un = false; $rm_field_pw = false; } //,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, //,,,,,,,,,,,,,,Variables,,,,,,,,,,,,,,,,, //,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, //----------------------------------------- //--------------Form Elements-------------- //----------------------------------------- //Username and password sent from form $rm_username = mysql_real_escape_string ($_POST["username"]); $rm_password = mysql_real_escape_string ($_POST["password"]); //IP address (records IP the member used last) $rm_ip = $_POST["ip"]; //Submit Button $rm_submit = $_POST["submit"]; //Time Stamp $rm_time = $_POST["time"]; $rm_date = $_POST["date"]; //-------------------------------------------- //---------------Error Trapping--------------- //-------------------------------------------- $rm_errors_found = false; $rm_errors_none = false; $rm_errors_msg = "The username or password you entered is invalid. You have <strong>$tries_left</strong> tries left." //---------------------------------------------- //----------------Invalid Fields---------------- //---------------------------------------------- //Username $rm_field_un = false; //Password $rm_field_pw = false; //---------------------------------------------- //----------------Miscellaneous----------------- //---------------------------------------------- //Timeout $_SESSION["max_tries"] = 0; $tries_left = 5 - $_SESSION["max_tries"]; $timeout_error = "You have reached the maximum number of login tries. Please wait 24 hours before trying again."; //Remember Me $rememberme_check = $_POST["rememberme_check"]; $rememberme_days = $_POST["rememberme_days"]; //Days To Seconds $rememberme_seconds = (($rememberme_days * 24) * 60) * 60); //,,,,,,,,,,,,,,,,,,,,,,,,,,,,, //,,,,,,,,,,,Action,,,,,,,,,,,, //,,,,,,,,,,,,,,,,,,,,,,,,,,,,, //If one or more errors have been found if ($rm_errors_found) { //Add 1 to max_tries $_SESSION["max_tries"] += 1; //Check to see if timeout is true/will only be true if this is the user's 5th try. if ($timeout) { echo $timeout_error; //If timeout is false, it'll check which fields contain invalid information, and decide which errors //exist. It'll then display the login form with error messages displayed } else { display_form(); } //If all of the information the user entered is correct... } else { //Display "Welcome" message echo "Welcome, $rm_username. You are now logged in."; //Insert timestamp into database mysql_query(UPDATE fans SET last_visited_time = $rm_time WHERE username = $rm_username); mysql_query(UPDATE fans SET last_visited_date = $rm_date WHERE username = $rm_username); //Update member's ip address $mysql_query(UPDATE fans SET last_ip = $rm_ip WHERE username = $rm_username); //Insert user into "online" table mysql_query(INSERT INTO fans_online (username) VALUES ('$rm_username'); //Delete user out of "offline" table mysql_query(DELETE FROM fans_offline WHERE username = $rm_username); //Delete user from guest table (assuming their ip address hasn't changed) mysql_query(DELETE FROM fans_guests WHERE ip = $_SESSION["guest"]); //As we are done with all mysql queries, close the connection mysql_close(); //Assign $_POST value of the username they typed into a new $_SESSION variable $_SESSION["member"] = $rm_username; //If they want to be remembered, create cookies that store their information for the number of days they specified. if (isset($rememberme_check)) { setcookie ("username", "$rm_username", $rememberme_seconds, ".djsmiley.net"); setcookie ("password", "$rm_password", $rememberme_seconds, ".djsmiley.net"); } } } ?> Logout.php <?php //**************************************** //***************Sessions***************** //**************************************** session_start(); //**************************************** //***************Includes***************** //**************************************** require_once "connect.php"; require_once "select.php"; //**************************************** //****************Action****************** //**************************************** //Deletes user out of "online" table mysql_query(DELETE FROM fans_online WHERE username = '$_SESSION["member"]'); //Inserts user into "offline" table mysql_query(INSERT INTO fans_offline (username) VALUES ($_SESSION["member"])); //Close mysql connection mysql_close(); //Logs user out unset ($_SESSION["member"]); //Deletes cookies, if they exist if ($_COOKIE["username"] && $_COOKIE["password"]) { setcookie ("username", "", time() - 3600); setcookie ("password", "", time() - 3600); } //Direct user to home page header ("Location: http://www.djsmiley.net/index.php"); ?> Arrays.php (Contains a list of arrays for common form menu items) <?php //*********************************************************************************************************************** //*********************************************************************************************************************** //********************************************************Dates******************************************************** //*********************************************************************************************************************** //*********************************************************************************************************************** //*************************** //*************************** //*********months********* //*************************** //*************************** $dates_months = array ("January" => "January", "February" => "February", "March" => "March", "April" => "April", "May" => "May", "June" => "June", "July" => "July", "August" => "August", "September" => "September", "October" => "October", "November" => "November", "December" => "December"); //*************************** //*************************** //**********days*********** //*************************** //*************************** $dates_days = array (1 => 1, 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => 6, 7 => 7, 8 => 8, 9 => 9, 10 => 10, 11 => 11, 12 => 12, 13 => 13, 14 => 14, 15 => 15, 16 => 16, 17 => 17, 18 => 18, 19 => 19, 20 => 20, 21 => 21, 22 => 22, 23 => 23, 24 => 24, 25 => 25, 26 => 26, 27 => 27, 28 => 28, 29 => 29, 30 => 30, 31 => 31); //*************************** //*************************** //**********years********** //*************************** //*************************** $dates_years = array (2011 => 2011, 2010 => 2010, 2009 => 2009, 2008 => 2008, 2007 => 2007, 2006 => 2006, 2005 => 2005, 2004 => 2004, 2003 => 2003, 2002 => 2002, 2001 => 2001, 2000 => 2000, 1999 => 1999, 1998 => 1998, 1997 => 1997, 1996 => 1996, 1995 => 1995, 1994 => 1994, 1993 => 1993, 1992 => 1992, 1991 => 1991, 1990 => 1990, 1989 => 1989, 1988 => 1988, 1987 => 1987, 1986 => 1986, 1985 => 1985, 1984 => 1984, 1983 => 1983, 1982 => 1982, 1981 => 1981, 1980 => 1980, 1979 => 1979, 1978 => 1978, 1977 => 1977, 1976 => 1976, 1975 => 1975, 1974 => 1974, 1973 => 1973, 1972 => 1972, 1971 => 1971, 1970 => 1970, 1969 => 1969, 1968 => 1968, 1967 => 1967, 1966 => 1966, 1965 => 1965, 1964 => 1964, 1963 => 1963, 1962 => 1962, 1961 => 1961, 1960 => 1960, 1959 => 1959, 1958 => 1958, 1957 => 1957, 1956 => 1956, 1955 => 1955, 1954 => 1954, 1953 => 1953, 1952 => 1952, 1951 => 1951, 1950 => 1950, 1949 => 1949, 1948 => 1948, 1947 => 1947, 1946 => 1946, 1945 => 1945, 1944 => 1944, 1943 => 1943, 1942 => 1942, 1941 => 1941, 1940 => 1940, 1939 => 1939, 1938 => 1938, 1937 => 1937, 1936 => 1936, 1935 => 1935, 1934 => 1934, 1933 => 1933, 1932 => 1932, 1931 => 1931, 1930 => 1930, 1929 => 1929, 1928 => 1928, 1927 => 1927, 1926 => 1926, 1925 => 1925, 1924 => 1924, 1923 => 1923, 1922 => 1922, 1921 => 1921, 1920 => 1920, 1919 => 1919, 1918 => 1918, 1917 => 1917, 1916 => 1916, 1915 => 1915, 1914 => 1914, 1913 => 1913, 1912 => 1912, 1911 => 1911); //*********************************************************************************************************************** //*********************************************************************************************************************** //*******************************************************Regions******************************************************* //*********************************************************************************************************************** //*********************************************************************************************************************** //*************************** //*************************** //********countries******** //*************************** //*************************** $regions_countries = array ("United States" => "United States", "Afghanistan" => "Afghanistan", "Albania" => "Albania", "Algeria" => "Algeria", "Andorra" => "Andorra", "Angola" => "Angola", "Antigua and Barbuda" => "Antigua and Barbuda", "Antilles" => "Antilles", "Argentina" => "Argentina", "Armenia" => "Armenia", "Australia" => "Australia", "Austria" => "Austria", "Azerbaijan" => "Azerbaijan", "Bahamas" => "Bahamas", "Bahrain" => "Bahrain", "Bangladesh" => "Bangladesh", "Barbados" => "Barbados", "Belarus" => "Belarus", "Belgium" => "Belgium", "Benin" => "Benin", "Bhutan" => "Bhutan", "Bolivia" => "Bolivia", "Bosnia" => "Bosnia", "Botswana" => "Botswana", "Brazil" => "Brazil", "Brunei" => "Brunei", "Bulgaria" => "Bulgaria", "Burkina Faso" => "Burkina Faso", "Burundi" => "Burundi", "Cambia" => "Cambia", "Cambodia" => "Cambodia", "Cameroon" => "Cameroon", "Canada" => "Canada", "Cape Verde" => "Cape Verde", "Central African Republic" => "Central African Republic", "Chad" => "Chad", "Chile" => "Chile", "China" => "China", "Columbia" => "Columbia", "Comoros" => "Comoros", "Congo" => "Congo", "Costa Rica" => "Costa Rica", "Cote D’ivoire" => "Cote D’ivoire", "Croatia" => "Croatia", "Cuba" => "Cuba", "Cyprus" => "Cyprus", "Czech Rep." => "Czech Rep.", "Dem. Rep. of Congo" => "Dem. Rep. of Congo", "Denmark" => "Denmark", "Djibouti" => "Djibouti", "Dominica" => "Dominica", "Dominican Republic" => "Dominican Republic", "Ecuador" => "Ecuador", "Egypt" => "Egypt", "El Salvador" => "El Salvador", "Equatorial" => "Equatorial", "Eritrea" => "Eritrea", "Estonia" => "Estonia", "Ethiopia" => "Ethiopia", "Federated States of Micronesia" => "Federated States of Micronesia", "Fiji Islands" => "Fiji Islands", "Finland" => "Finland", "France" => "France", "French Guiana" => "French Guiana", "Gabon" => "Gabon", "Georgia" => "Georgia", "Germany" => "Germany", "Ghana" => "Ghana", "Greece" => "Greece", "Greenland" => "Greenland", "Grenada" => "Grenada", "Guatemala" => "Guatemala", "Guina Bissau" => "Guina Bissau", "Guinea" => "Guinea", "Guinea" => "Guinea", "Guyana" => "Guyana", "Haiti" => "Haiti", "Honduras" => "Honduras", "Hungary" => "Hungary", "Iceland" => "Iceland", "India" => "India", "Indonesia" => "Indonesia", "Iran" => "Iran", "Iraq" => "Iraq", "Ireland" => "Ireland", "Israel" => "Israel", "Italy" => "Italy", "Jamaica" => "Jamaica", "Japan" => "Japan", "Jordan" => "Jordan", "Kazakhstan" => "Kazakhstan", "Kenya" => "Kenya", "Kiribati" => "Kiribati", "Kosovo" => "Kosovo", "Kuwait" => "Kuwait", "Kyrgyzstan" => "Kyrgyzstan", "Laos" => "Laos", "Latvia" => "Latvia", "Lebanon" => "Lebanon", "Lesotho" => "Lesotho", "Liberia" => "Liberia", "Libya" => "Libya", "Liech" => "Liech", "Lithuania" => "Lithuania", "Lux" => "Lux", "Macedonia" => "Macedonia", "Madagascar" => "Madagascar", "Malawi" => "Malawi", "Malaysia" => "Malaysia", "Maldives" => "Maldives", "Mali" => "Mali", "Marshall Islands" => "Marshall Islands", "Mauritius" => "Mauritius", "Mexico" => "Mexico", "Moldova" => "Moldova", "Monaco" => "Monaco", "Mongolia" => "Mongolia", "Montenegro" => "Montenegro", "Morocco" => "Morocco", "Mozambique" => "Mozambique", "Myanmar" => "Myanmar", "Namibia" => "Namibia", "Nauru" => "Nauru", "Nepal" => "Nepal", "Netherlands" => "Netherlands", "New Zealand" => "New Zealand", "Nicaragua" => "Nicaragua", "Niger" => "Niger", "Nigeria" => "Nigeria", "North Korea" => "North Korea", "Norway" => "Norway", "Oman" => "Oman", "Pakistan" => "Pakistan", "Palau" => "Palau", "Panama" => "Panama", "Papua New Guinea" => "Papua New Guinea", "Paraguay" => "Paraguay", "Peru" => "Peru", "Philippines" => "Philippines", "Poland" => "Poland", "Portugal" => "Portugal", "Puerto Rico" => "Puerto Rico", "Qatar" => "Qatar", "Romania" => "Romania", "Russia" => "Russia", "Rwanda" => "Rwanda", "Samoa" => "Samoa", "San Marino" => "San Marino", "Sao Tome and Principe" => "Sao Tome and Principe", "Saudi Arabia" => "Saudi Arabia", "Senegal" => "Senegal", "Serbia" => "Serbia", "Seychelles" => "Seychelles", "Sierra Leone" => "Sierra Leone", "Singapore" => "Singapore", "Slovakia" => "Slovakia", "Slovenia" => "Slovenia", "Solomon Islands" => "Solomon Islands", "Somalia" => "Somalia", "South Africa" => "South Africa", "South Korea" => "South Korea", "Spain" => "Spain", "Sri Lanka" => "Sri Lanka", "St. Kitt’s and Nevis" => "St. Kitt’s and Nevis", "St. Lucia" => "St. Lucia", "St. Vincent and the Grenadines" => "St. Vincent and the Grenadines", "Suriname" => "Suriname", "Swaziland" => "Swaziland", "Sweden" => "Sweden", "Switzerland" => "Switzerland", "Syria" => "Syria", "Taiwan" => "Taiwan", "Tajikistan" => "Tajikistan", "Tanzania" => "Tanzania", "Thailand" => "Thailand", "Timorese" => "Timorese", "Togo" => "Togo", "Tonga" => "Tonga", "Trinidad & Tobago" => "Trinidad & Tobago", "Tunisia" => "Tunisia", "Turkey" => "Turkey", "Turkmenistan" => "Turkmenistan", "Tuvalu" => "Tuvalu", "Uganda" => "Uganda", "Ukraine" => "Ukraine", "United Arab Emirates" => "United Arab Emirates", "United Kingdom" => "United Kingdom", "Uruguay" => "Uruguay", "Uzbekistan" => "Uzbekistan", "Vanuatu" => "Vanuatu", "Venezuela" => "Venezuela", "Vietnam" => "Vietnam", "Yemen" => "Yemen", "Zambia" => "Zambia", "Zimbabwe" => "Zimbabwe"); //*************************** //*************************** //**********states********** //*************************** //*************************** regions_states = array ("Alabama" => "Alabama", "Arizona" => "Arizona", "Arkansas" => "Arkansas", "California" => "California", "Colorado" => "Colorado", "Connecticut" => "Connecticut", "Delaware" => "Delaware", "Florida" => "Florida", "Georgia" => "Georgia", "Hawaii" => "Hawaii", "Idaho" => "Idaho", "Illinois" => "Illinois", "Indiana" => "Indiana", "Iowa" => "Iowa", "Kansas" => "Kansas", "Kentucky" => "Kentucky", "Louisiana" => "Louisiana", "Maine" => "Maine", "Maryland" => "Maryland", "Massachusetts" => "Massachusetts", "Michigan" => "Michigan", "Minnesota" => "Minnesota", "Mississippi" => "Mississippi", "Missouri" => "Missouri", "Montana" => "Montana", "Nebraska" => "Nebraska", "Nevada" => "Nevada", "New Hampshire" => "New Hampshire", "New Jersey" => "New Jersey", "New Mexico" => "New Mexico", "New York" => "New York", "North Carolina" => "North Carolina", "North Dakota" => "North Dakota", "Ohio" => "Ohio", "Oklahoma" => "Oklahoma", "Oregon" => "Oregon", "Pennsylvania" => "Pennsylvania", "Rhode Island" => "Rhode Island", "South Carolina" => "South Carolina", "South Dakota" => "South Dakota", "Tennessee" => "Tennessee", "Texas" => "Texas", "Utah" => "Utah", "Vermont" => "Vermont", "Virginia" => "Virginia", "Washington" => "Washington", "West Virginia" => "West Virginia", "Wisconsin" => "Wisconsin", "Wyoming" => "Wyoming"); ?> The above four scripts are all you need for a member system. If you want (in the future), I can give you a profile management script for your users. It's really simple and flows in well with the scripts above. Hope this ALL helps! Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188200 Share on other sites More sharing options...
webby121 Posted March 16, 2011 Author Share Posted March 16, 2011 Hi James is there a way of contacting you directly? Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188224 Share on other sites More sharing options...
jamesjmann Posted March 16, 2011 Share Posted March 16, 2011 Hi James is there a way of contacting you directly? Facebook? lol http://www.facebook.com/Kill4Silence Phone? Message me on facebook for that =) Quote Link to comment https://forums.phpfreaks.com/topic/230793-login-page/#findComment-1188227 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.