PHP Login Script integrated with website

[SunDeath]

I wasn't sure where to post this but seeing how it's PHP I decided to go for the PHP Coding Help.

After trying several other boards and spending 37 hours of Googling I still don't have it working how I want it..

 

In basics it would be this:

 

Index.php contains a Login field, after inserting a username and password it will connect to a MySQL Database to see if they are a matching set.

If the username and password are a set it will let you login, it should then refresh the index.php but instead of the login form it should show certain things of the logged in account.

 

All these things will be read from MySQL tables (yes, tableS, multiple.)

Even after endless days of tiral and error I've only had errors.

 

So I decided to make a simple search form using one of the Tables I use (the one for the login, actually) and it showed the results.

(searched for a username and it showed the username and a username that looks like it (ex. search user1, shows user1, user2 etc))

So I know it is able to connect with the database...

 

Anyway, enough about that, here's the script(s) I use.

 

Index.php

<? include_once("connect.php"); ?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!--SITE TITLE-->

<title>AnimeNationRO - Where anime comes to life</title>

<!--END SITE TITLE-->
<link href="style.css" type="text/css" rel="stylesheet" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="generator" content="hack3rhat3r" />
<script src="Script/jquery-1.4.4.min.js" type="text/javascript"></script>
<script src="Script/jquery.password-strength(new).min.js" type="text/javascript"></script>
</head>
<body onLoad="show_clock()">
<table class= "bdtb" align= "center" cellspacing= "0" cellpadding= "0">
<tr><td><img src= "./images/banner_01.jpg" height= "14" alt= "" /></td></tr>
<tr><td><img src= "./images/banner_02.jpg" height= "18" alt= "" /></td></tr>
<tr><td><img src= "./images/banner_03.jpg" height= "17" alt= "" /></td></tr>
<tr><td><img src= "./images/banner_04.jpg" height= "14" alt= "" /></td></tr>
<tr><td><img src= "./images/banner_05.jpg" height= "20" alt= "" /></td></tr>
<tr><td><object type="application/x-shockwave-flash" data="banner.swf" width="800" height="107">
<param name="movie" value="banner.swf" />
</object>
</td></tr>
<tr><td><img src= "./images/banner_07.jpg" height= "10" alt= "" /></td></tr>

<tr><td class= "contentd">
<table><tr><td valign= "top">
<div class= "left">

<!--BEGIN CONTENT-->

<h1>-Date of going online-</h1>
<p><img src= "./images/avi.gif" align= "left" alt= "" /> Welcome to the AnimeNationRO Website.<br />
All information of this website will be regarding to the server.<br />
Event information can be found on the forums, as well as detailed information about NPCs, Items and Monsters.<br />
You can also find in-depth details on our wiki, the wiki can be found via a redirect on the forums or using the Wiki button above.</p>
<p>A control panel will be up as soon as possible, once the CP is online we will also change all Vote links (found at the sidebar) into Vote4Points links.<br />
Small Events may be posted here on the frontpage of the website.<br />
Make sure to check the Website, Forum and Wiki frequently for new contests/Events.</p>
<p>NOTE: Small events will not have any information posted anywhere.<br />
The only events with information are:<br />
·All time in-game event NPCs<br />
·Seasonal in-game event NPCs<br />
·Big Forum, Site and/or Wiki events.</p>
<h2>Posted by <a href= "http://adf.ly/1bYNi" target='_blank' title="SunDeath">SunDeath</a></h2>


<h1>May 16th 2011</h1>
<p>After the deletion of the forums done by the (ex-)GM MoonDeath I am slowly trying to rebuild the forums.
Due to her actions MoonDeath has been banned both as a GM as from the Forums.</p>
<p>As a reaction to her ban, our other (ex-)GM Bjarkan banned everyone on the Forums.
Luckily he didn't delete everyones account, everyone wrongly banned has been unbanned.</p>
<p>Our second server (a RolePlaying server named Aesk) will NOT return to ANRO.
We might name our second server Aesk once we decide to add another server, this server however won't be run by Bjarkan.</p>
<h2>Posted by <a href= "http://adf.ly/1bYNi" target='_blank' title="SunDeath">SunDeath</a></h2>


<!--END CONTENT-->
</div>
</td><td valign= "top">
<div class= "right">
<!--BEGIN SIDEBAR-->

<div>
<h1>Search</h1>
<!-- Start Bravenet.com Service Code -->
  <script>function runPredictor(){predictad_input_id='keyword';predictad_ads_mode='0';predictad_db='1';predictad_site='3132';predictad_cs='7000-224';predictad_box_id='1';predictad_skin='mclassic';predictad_align='left';predictad_show_teaser=true;predictad_select_color='background-color: #FFCC00;border:solid 1px #FFCC00;';predictor();}try{var html_doc = document.getElementsByTagName('head')[0];predictad_js = document.createElement('script');predictad_js.setAttribute('type', 'text/javascript');predictad_js.setAttribute('src', 'http://www.predictad.com/scripts/molosky/combined.js');html_doc.appendChild(predictad_js);predictad_js.onreadystatechange = function () {if (predictad_js.readyState == 'complete'||predictad_js.readyState == 'loaded') {runPredictor();}};predictad_js.onload = function () {runPredictor();};var f = document.getElementById('userid').setAttribute('autocomplete', 'off'); }catch(pex){};</script>
  <table width="200" border="0" cellpadding="5">
    <form action="http://pub36.bravenet.com/search2/search.php" method="post" style="margin:0px;"><tr>
      <td>    <input type="hidden"  style="border: 0px solid black; height: 0px; width: 0px;" name="usernum" value="3053642370" /><input type="hidden"  style="border: 0px solid black; height: 0px; width: 0px;" name="cpv" value="2" /><input type="text" id="keyword" name="keyword" autocomplete="off"  maxlength="900"/></td>
    </tr>
    <tr>
      <td><input type="submit" value="Search AnimeNationRO" /></td>
    </tr></form>
  </table>
<!-- End Bravenet.com Service Code -->
<img src= "./images/n3.jpg" alt= "" />
</div>

<div>
<h1>Clock</h1>
<p class="gensmallclock" align="center">
<script language="javascript" src="./others/liveclock.js"> </script>
</p>
<img src= "./images/n3.jpg" alt= "" />
</div>

<div>
  <h1>Member Login</h1>

<form method="post" name="Loginform" action="connect.php" autocomplete="off" >
<p><b>Username:</b><br />
<input type="text" name="Username" id="Username"/>

<b>Password:</b><br />
<input type="password" name="Password" id="txtPassword"/>
<br />
<table cellpadding="3">
<tr>
<td align="center"><input type="submit" value="Login to AnimeNationRO" name="Submit" /></td>
</tr>
</table>
<a href="http://localhost/fluxcp/?module=account&action=create">Register</a>
</form>
<img src= "./images/n3.jpg" alt= "" />
</div>

<div>
<h1>About Us</h1>
<p>
<b>Owner:</b> SunDeath<br />
<b>Server(s):</b> Ethel<br />
<b>Registered Accounts:</b> ± 1<br />
<b>Custom maps: </b> ± 22<br />
<b>Custom Items:</b> ± 300<br />
<b>Contact:</b> contact@anro.com
</p>
<img src= "./images/n3.jpg" alt= "" /></div>

<div>
<h1>Vote</h1>
<a href= "http://adf.ly/1bX3c" target='_blank' title="Review at RateMyServer.net">Review at RMS.net</a>
<a href= "http://adf.ly/1bXjd" target='_blank' title="Vote at JapTopList">Vote at JTL</a>
<a href= "http://adf.ly/1bXmU" target='_blank' title="Vote at RO Top 100">Vote at ROTop100</a>
<a href= "http://adf.ly/1bXsz" target='_blank' title="Vote at GTop100">Vote at GTop 100</a>
<a href= "http://adf.ly/1bXtf" target='_blank' title="Vote at Xtreme Top 100">Vote at XTop100</a>
<a href= "http://adf.ly/1bXuI" target='_blank' title="Vote at Game Sites 200">Vote at GS200</a>
<img src= "./images/n3.jpg" alt= "" /></div>


<!--END SIDEBAR-->
</div>
</td></tr></table>
</td></tr>
<tr><td><img src= "./images/foot.jpg" alt= "foot" /></td></tr>
</table>
<p class= "footer">
<!--BEGIN FOOTER-->


AnimeNationRO © Animenation Games 2011 · Design By <a href= "http://hayalkarga.com" target= "_blank">HayalKarga</a>


<!--END FOOTER-->
</p><br />
</body>
</html>

 

connect.php

<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="Gemeente3!"; // Mysql password
$db_name="ragnarok"; // Database name
$tbl_name="login"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['Username'];
$mypassword=$_POST['Password'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE userid='$myusername' and user_pass='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:index.php");
}
else {
echo "Wrong Username or Password";
}
?>

 

Any help is greatly appreciated, if you need more info ask for it and I will try my best to provide it.

[gristoi]

What errors are you getting?

[SunDeath]

It's not so much that it shows errors, it just doesnt work the way supposed to.

 

It connects just fine, it could even let me login (when redirected to a now non-existant page) but it won't let me login at index.php and show the data I want it to show

[gristoi]

so what are you trying to show, your index page has no logic at all in it to check whether a user is logged in or not.

Firstly in your connect.php you might want to rethink how you are setting the session variables.

<?php
// currently you are trying to log the username and password into the session. You dont really want to pass the users password from page to page.
session_register("myusername");
session_register("mypassword");

//try
session_start(); 
$_SESSION['username']=$myusername;
?>

 

then on the index page:

<?php
session_start(); 
if($_SESSION['username'])
{
// display logged in stuff here

}
?>

[SunDeath]

Ive editted the connect.php like you said, seems more logical indeed ^^;;

 

As for what I want to show the logged in users:

 

Table: login

userid

email

sex (M for male, F for Female)

 

Table: char

number of characters (obtained by counting the results from account_id, obtained from the login table)

 

Table: storage

number of items in storage (obtained by counting the results from account_id, obtained from the login table)

 

Table: cp_votes

amount of vote points (obtained by counting the results from account_id, obtained from the login table)

 

 

...That should be all I think.

 

Oh, and also a link to the control panel that's only visible when logged in.

[gristoi]

post your table structure

[SunDeath]

Ragnarok Schema:

 

Login Table:

 

Char Table:

 

Storage Table:

 

cp_votes Table:

[gristoi]

so your looking for something along the lines of:

SELECT userid, email, sex, SUM(char_num) AS 'TotalCharNum, COUNT(s.id) AS 'StorageCount', SUM(credits) AS 'votePoints' FROM login l JOIN char c USING (account_id)
JOIN storage s USING(account_id) JOIN cp_votes v USING (account_id) WHERE l.account_id = 20000001

[SunDeath]

Looks confusing but I get the picture, thing is, every username is attached to an account_id, people log in using their username and password.

 

as for the char_num column, it tells you which slot the character is in (with a maximum of 42 slots)

... I'll just break down all the columns and what they mean for each table, maybe that would make it a little easier...

 

Login Table:

account_id -> Unique ID given to a registered user
userid -> name used to login
user_pass -> password used to login
sex -> M (male), F (female), S (server)
email -> email the account is registered on, used for deletion of characters.
level -> privilege level of the account (0 being normal user, 99 full control admin)
state -> state of the account (presumably ban state?)
unban_time -> when the account will be unbanned
expiration_time -> unsure about what this is for...
logincount -> number of times user has logged in
lastlogin -> last time the user logged in
last_ip -> last IP used to login

 

Char Table:

char_id -> unique ID assigned to each character
account_id -> Unique ID given to a registered user
char_num -> slot number the character is in
name -> name of the character
class -> the class of the character
(rest is self-explanatory)

 

Storage Table:

id -> basically just the row number
account_id -> Unique ID given to a registered user
nameid -> item ID number
amount -> amount of the same item in the storage (only higher than 1 if the item is stackable)
equip -> if the item is equipped, if yes, what equip slot
identify -> is the item identified (1: yes, 0: no)
rest doesn't matter

 

cp_votes Table:

id -> row number
banner_id -> which banner was used to vote
account_id -> Unique ID given to a registered user
credits -> number of credits rewarded for the vote
vote_date -> date the vote was made
vote_ip -> IP used to vote

[gristoi]

you asked for help. I m not here to write your system for you. Even a simple please would not go amiss. I have tried to point you in the right direction. I am not going to go through al of your tables for you. This forum is used to help people willing to learn . your not making anything easier or harder for me, I know how to write table joins. I am trying to help you understand, not do it for you

[SunDeath]

I know you are trying to help, I never intended for you to write the entire thing for me.

But seeing how the script you posted had char_num in it I thought maybe you misunderstood the table columns and their meanings.

Sorry if my last post offended you in any kind of way.

 

as for a related to the script, could you point me in the direction of where to put it?

I've tried putting it on the index.php near the login script but when I do that it turns the entire index.php into a white page..

[SunDeath]

I've figured out how to make it actually show the information upon logon.

 

Only two problems remain now, logging in messes up the layout in the .css (text layout)

and the login form doesn't disappear yet.

 

If someone would be willing to help (not make the entire script for me, just point me into the right direction) it would be highly appreciated.