Jump to content


Photo

[SOLVED] Simple Login/Register/Logout


  • Please log in to reply
11 replies to this topic

#1 charlieholder

charlieholder
  • Members
  • PipPipPip
  • Advanced Member
  • 1,419 posts
  • LocationAtlanta, GA

Posted 23 October 2006 - 01:34 PM

Second post! Very new to PHP. I've created a database and add a table with a few fields (Username, Password, Email, and Status) and I'm trying to just create a simple Login/Register/Logout page.

When you click login, the login form comes up, if you click register, the register form comes up, if you login successfully you see the logout link. The page loads with the Login and Register links and I click either one nothing happens. Here's my code. I know I'm doing some nOOb stuff, but I don't really know what's going on. Thanks.

<?php
session_start();
session_register("LoggedInUser");

$uname = $_POST['username'];
$pwd = $_POST['password'];
$action = "";
$loggedIn = "false";

if (isset($uname)) {
	//Connect To Database
	$hostname=""; //taken out so you don't steal my info
	$username=""; //taken out so you don't steal my info
	$password=""; //taken out so you don't steal my info
	$dbname=""; //taken out so you don't steal my info
	
	mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
	mysql_select_db($dbname);
	
	$query = "SELECT * FROM Users";
	$result = mysql_query($query);
	if($result) {
	    while($row = mysql_fetch_array($result)){
	        $name = $row["Username"];
	        $pass = $row["Password"];
	        $status = $row["Status"];
	        if ($uname == $name && $pwd == $pass) {
	        	$HTTP_SESSION_VARS ["LoggedInUser"] = $uname;
			$loggedIn = "true";
	        }
	    }
	}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title></title>
</head>

<body id="centerHack">

<div class="main" style="background: transparent url(img/bg_one.gif) top center no-repeat;">
	<div class="header">
		<div class="header_content"></div>
	</div>
	<div class="middle">
		<div class="middle_content"></div>
	</div>
	<div class="footer">
		<div class="footer_content">
			<p><a href="index.php?action=login">Login</a></p>
			<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "login") { ?>
			<form action="index.php" method="post">
				<p>Username: <input type="text" name="username" maxlength="20" /></p>
				<p>Password: <input type="password" name="password" maxlength="12" /></p>
				<input type="submit" value="Submit" />
			</form>
			<?php } ?>
			<p><a href="index.php?action=register">Register</a></p>
			<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "register") { ?>
			<form action="userConfirm.php" method="post">
				<p>Username: <input type="text" name="username" maxlength="20" /></p>
				<p>Password: <input type="password" name="password" maxlength="12" /></p>
				<p>Email: &nbsp;&nbsp;&nbsp;<input type="text" name="email" maxlength="100" /></p>
				<input type="submit" value="Submit" />
			</form>
			<?php } ?>
			<?php if (isset($HTTP_SESSION_VARS['LoggedInUser']) && $loggedIn == "true") { ?>
			<a href="index.php?action=logout">Logout</a>
			<?php } ?>
		</div>
	</div>
</div>

</body>
</html>

PHP Manual | MySQL Reserved Words

Please mark TOPIC SOLVED when you've reached a solution.
Adding [code][/code] tags around your code increases your chances of receiving help.

I don't always test the code I write.


#2 HuggieBear

HuggieBear
  • Members
  • PipPipPip
  • Advanced Member
  • 1,899 posts
  • LocationEngland, UK

Posted 23 October 2006 - 01:46 PM

You need to get the value of action from the URL.

You have this at the top of your code:
$action = "";

Change it to this:

$action = (empty($_GET['action'])) ? "" : $_GET['action'];

I'd also change your query as currently you're getting all the rows from the database, you'd be better with this:

$query = "SELECT * FROM Users where Username = '$uname' AND Password = '$pwd'";
$result = mysql_query($query);
if ($result){
   $row = mysql_fetch_array($result);
   $_SESSION['LoggedInUser'] = $uname;
   $loggedin = "true";
}

Regards
Huggie
Advice to MySQL users: Get phpMyAdmin and test your queries work there first, take half the hassle out of diagnosis, also check the reserved words list.

Links: PHP Docs :: RegEx's :: MySQL :: DevGuru :: w3schools

#3 charlieholder

charlieholder
  • Members
  • PipPipPip
  • Advanced Member
  • 1,419 posts
  • LocationAtlanta, GA

Posted 23 October 2006 - 01:49 PM

$action = (empty($_GET['action'])) ? "" : $_GET['action'];


What does empty() do? I looked it up on PHP.net but I still don't understand.

? "" :


And what does that mean?

PHP Manual | MySQL Reserved Words

Please mark TOPIC SOLVED when you've reached a solution.
Adding [code][/code] tags around your code increases your chances of receiving help.

I don't always test the code I write.


#4 HuggieBear

HuggieBear
  • Members
  • PipPipPip
  • Advanced Member
  • 1,899 posts
  • LocationEngland, UK

Posted 23 October 2006 - 01:57 PM

I'm using the ternary operator, you can read about it here

It's the same as saying...

<?php
if (empty($_GET['action'])){ // This says if the variable is empty, has nothing assigned to it
   $action = "";
}
else {
   $action = $_GET['action'];
}
?>

Regards
Huggie
Advice to MySQL users: Get phpMyAdmin and test your queries work there first, take half the hassle out of diagnosis, also check the reserved words list.

Links: PHP Docs :: RegEx's :: MySQL :: DevGuru :: w3schools

#5 charlieholder

charlieholder
  • Members
  • PipPipPip
  • Advanced Member
  • 1,419 posts
  • LocationAtlanta, GA

Posted 23 October 2006 - 02:04 PM

So it works for the very first time that you login. Once you login and logout, the links don't work anymore. Does it have something to do with not setting $loggedIn back to false or not destroying the session? Here's the updated code.

<?php
session_start();
session_register("LoggedInUser");

$uname = $_POST['username'];
$pwd = $_POST['password'];
$action = (empty($_GET['action'])) ? "" : $_GET['action'];
$loggedIn = "false";

if (isset($uname)) {
	//Connect To Database
	$hostname="...";
	$username="...";
	$password="...";
	$dbname="...";
	
	mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
	mysql_select_db($dbname);
	
	$query = "SELECT * FROM Users";
	$result = mysql_query($query);
	if($result) {
		while($row = mysql_fetch_array($result)){
			$name = $row["Username"];
			$pass = $row["Password"];
			$status = $row["Status"];
			if ($uname == $name && $pwd == $pass) {
				$HTTP_SESSION_VARS ["LoggedInUser"] = $uname;
				$loggedIn = "true";
	        }
	    }
	}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head><title></title></head>

<body id="centerHack">

<div class="main" style="background: transparent url(img/bg_one.gif) top center no-repeat;">
	<div class="header"><div class="header_content"></div></div>
	<div class="middle"><div class="middle_content"></div></div>
	<div class="footer">
		<div class="footer_content">
			<p><a href="index.php?action=login">Login</a></p>
			<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "login") { ?>
			<form action="index.php" method="post">
				<p>Username: <input type="text" name="username" maxlength="20" /></p>
				<p>Password: <input type="password" name="password" maxlength="12" /></p>
				<input type="submit" value="Submit" />
			</form>
			<?php } ?>
			<p><a href="index.php?action=register">Register</a></p>
			<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "register") { ?>
			<form action="userConfirm.php" method="post">
				<p>Username: <input type="text" name="username" maxlength="20" /></p>
				<p>Password: <input type="password" name="password" maxlength="12" /></p>
				<p>Email: &nbsp;&nbsp;&nbsp;<input type="text" name="email" maxlength="100" /></p>
				<input type="submit" value="Submit" />
			</form>
			<?php } ?>
			<?php if (isset($HTTP_SESSION_VARS['LoggedInUser']) && $loggedIn == "true") { ?>
			<p>Welcome <?php echo $uname; ?>, you are currently logged in.</p>
			<a href="index.php?action=logout">Logout</a>
			<?php } ?>
		</div>
	</div>
</div>
</body>
</html>

PHP Manual | MySQL Reserved Words

Please mark TOPIC SOLVED when you've reached a solution.
Adding [code][/code] tags around your code increases your chances of receiving help.

I don't always test the code I write.


#6 HuggieBear

HuggieBear
  • Members
  • PipPipPip
  • Advanced Member
  • 1,899 posts
  • LocationEngland, UK

Posted 23 October 2006 - 02:08 PM

Yes, your code doesn't have a section for logged out.

It should be destroying the session variable and changing $loggedin to false.

Regards
Huggie
Advice to MySQL users: Get phpMyAdmin and test your queries work there first, take half the hassle out of diagnosis, also check the reserved words list.

Links: PHP Docs :: RegEx's :: MySQL :: DevGuru :: w3schools

#7 charlieholder

charlieholder
  • Members
  • PipPipPip
  • Advanced Member
  • 1,419 posts
  • LocationAtlanta, GA

Posted 23 October 2006 - 02:38 PM

I'm trying to get the login and register links to disappear once your logged in because it breaks the page when you click those links if you're logged in. Don't really know why they aren't showing up. I added a test to check if $loggedIn was false and it still renders.

<?php
session_start();
session_register("LoggedInUser");

$uname = $_POST['username'];
$pwd = $_POST['password'];
$action = (empty($_GET['action'])) ? "" : $_GET['action'];
$loggedIn = "false";
if ($_GET['action'] == "logout") {
	session_destroy();
	$loggedIn = "false";
}

if (isset($uname)) {
	//Connect To Database
	$hostname="...";
	$username="...";
	$password="...";
	$dbname="...";
	
	mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
	mysql_select_db($dbname);
	
	$query = "SELECT * FROM Users";
	$result = mysql_query($query);
	if($result) {
		while($row = mysql_fetch_array($result)){
			$name = $row["Username"];
			$pass = $row["Password"];
			$status = $row["Status"];
			if ($uname == $name && $pwd == $pass) {
				$HTTP_SESSION_VARS ["LoggedInUser"] = $uname;
				$loggedIn = "true";
	        }
	    }
	}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head><title></title></head>
<body id="centerHack">
<div class="main" style="background: transparent url(img/bg_one.gif) top center no-repeat;">
	<div class="header"><div class="header_content"></div></div>
	<div class="middle"><div class="middle_content"></div></div>
	<div class="footer">
		<div class="footer_content">
			<p><a href="index.php?action=login">Login</a></p>
			<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "login" && $loggedIn == "false") { ?>
			<form action="index.php" method="post">
				<p>Username: <input type="text" name="username" maxlength="20" /></p>
				<p>Password: <input type="password" name="password" maxlength="12" /></p>
				<input type="submit" value="Login" />
			</form>
			<?php } ?>
			<p><a href="index.php?action=register">Register</a></p>
			<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "register" && $loggedIn == "false") { ?>
			<form action="userConfirm.php" method="post">
				<p>Username: <input type="text" name="username" maxlength="20" /></p>
				<p>Password: <input type="password" name="password" maxlength="12" /></p>
				<p>Email: &nbsp;&nbsp;&nbsp;<input type="text" name="email" maxlength="100" /></p>
				<input type="submit" value="Register" />
			</form>
			<?php } ?>
			<?php if (isset($HTTP_SESSION_VARS['LoggedInUser']) && $loggedIn == "true") { ?>
			<p>Welcome <?php echo $uname; ?>, you are currently logged in.</p>
			<a href="index.php?action=logout">Logout</a>
			<?php } ?>
		</div>
	</div>
</div>
</body>
</html>

PHP Manual | MySQL Reserved Words

Please mark TOPIC SOLVED when you've reached a solution.
Adding [code][/code] tags around your code increases your chances of receiving help.

I don't always test the code I write.


#8 HuggieBear

HuggieBear
  • Members
  • PipPipPip
  • Advanced Member
  • 1,899 posts
  • LocationEngland, UK

Posted 23 October 2006 - 02:43 PM

LoggedIn is always going to be set to false, as you've got it coded outside of a conditional statement.  Look at line 8 of your code.

Regards
Huggie
Advice to MySQL users: Get phpMyAdmin and test your queries work there first, take half the hassle out of diagnosis, also check the reserved words list.

Links: PHP Docs :: RegEx's :: MySQL :: DevGuru :: w3schools

#9 charlieholder

charlieholder
  • Members
  • PipPipPip
  • Advanced Member
  • 1,419 posts
  • LocationAtlanta, GA

Posted 23 October 2006 - 04:09 PM

I'm getting an error on this code. I have no idea what's wrong.
Error: Parse error: parse error, unexpected $ in /home/content/c/h/a/charlieholder/html/index.php on line 91
Line 91 is the very last line (i.e. </html>)

<?php
session_start();
session_register("LoggedInUser");

$uname = $_POST['username'];
$pwd = $_POST['password'];
$action = (empty($_GET['action'])) ? "" : $_GET['action'];

if ($_GET['action'] == "logout") {
	session_destroy();
	$loggedIn = "false";
}
if (!isset($loggedIn)) {
	$loggedIn = "unknown";
}
if (isset($uname)) {
	//Connect To Database
	$hostname="...";
	$username="...";
	$password="...";
	$dbname="...";
	
	mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
	mysql_select_db($dbname);
	
	$query = "SELECT * FROM Users";
	$result = mysql_query($query);
	if($result) {
		while($row = mysql_fetch_array($result)){
			$name = $row["Username"];
			$pass = $row["Password"];
			$status = $row["Status"];
			if ($uname == $name && $pwd == $pass) {
				$HTTP_SESSION_VARS ["LoggedInUser"] = $uname;
				$loggedIn = "true";
	        }
	    }
	}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head><title></title></head>
<body id="centerHack">
<div class="main" style="background: transparent url(img/bg_one.gif) top center no-repeat;">
	<div class="header"><div class="header_content"></div></div>
	<!-- <div class="middle"><div class="middle_content"></div></div> //-->
	<div class="footer">
		<div class="footer_content">
			<?php if ($loggedIn == "unknown" || $loggedIn == "false") { ?>
			<p><a href="index.php?action=login">Login</a></p>
			<?php }
			if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "login") { ?>
			<form action="index.php" method="post">
				<p>Username: <input type="text" name="username" maxlength="20" /></p>
				<p>Password: <input type="password" name="password" maxlength="12" /></p>
				<input type="submit" value="Login" />
			</form>
			<?php if ($loggedIn == "unknown" || $loggedIn == "false") { ?>
			<p><a href="index.php?action=register">Register</a></p>
			<?php }
			if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "register") { ?>
			<form action="userConfirm.php" method="post">
				<p>Username: <input type="text" name="username" maxlength="20" /></p>
				<p>Password: <input type="password" name="password" maxlength="12" /></p>
				<p>Email: &nbsp;&nbsp;&nbsp;<input type="text" name="email" maxlength="100" /></p>
				<input type="submit" value="Register" />
			</form>
			<?php }
			if (isset($HTTP_SESSION_VARS['LoggedInUser']) && $loggedIn == "true") { ?>
			<p>Welcome <?php echo $uname; ?>, you are currently logged in.</p>
			<a href="index.php?action=logout">Logout</a>
			<?php } ?>
		</div>
	</div>
</div>
</body>
</html>

PHP Manual | MySQL Reserved Words

Please mark TOPIC SOLVED when you've reached a solution.
Adding [code][/code] tags around your code increases your chances of receiving help.

I don't always test the code I write.


#10 HuggieBear

HuggieBear
  • Members
  • PipPipPip
  • Advanced Member
  • 1,899 posts
  • LocationEngland, UK

Posted 23 October 2006 - 04:22 PM

There's only 80 lines in the code you posted, have you posted the correct/complete code?

Regards
Huggie
Advice to MySQL users: Get phpMyAdmin and test your queries work there first, take half the hassle out of diagnosis, also check the reserved words list.

Links: PHP Docs :: RegEx's :: MySQL :: DevGuru :: w3schools

#11 charlieholder

charlieholder
  • Members
  • PipPipPip
  • Advanced Member
  • 1,419 posts
  • LocationAtlanta, GA

Posted 23 October 2006 - 05:13 PM

You are right. The are only 80. IT's the </html> anyway.

PHP Manual | MySQL Reserved Words

Please mark TOPIC SOLVED when you've reached a solution.
Adding [code][/code] tags around your code increases your chances of receiving help.

I don't always test the code I write.


#12 HuggieBear

HuggieBear
  • Members
  • PipPipPip
  • Advanced Member
  • 1,899 posts
  • LocationEngland, UK

Posted 23 October 2006 - 05:23 PM

OK, on line 61, try changing this:

<?php if ($loggedIn == "unknown" || $loggedIn == "false") { ?>

To this:

<?php } if ($loggedIn == "unknown" || $loggedIn == "false") { ?>

Regards
Huggie
Advice to MySQL users: Get phpMyAdmin and test your queries work there first, take half the hassle out of diagnosis, also check the reserved words list.

Links: PHP Docs :: RegEx's :: MySQL :: DevGuru :: w3schools




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users