Jump to content

help me to create a login and logout form with session

MachineGamer

By MachineGamer
in PHP Coding Help

 Share

Recommended Posts

MachineGamer Newbie

MachineGamer

Posted
Posted

Hey there ,

i am newbie in php ,please anyone can help me to create a login and logout form with session ,i already create one ,but i think it's not that good :

 

<?php
require_once('init.php');
include_once("scripts/connect.php");
$login_error = "";
$email = "";
$password= "";


if(isset($_GET['login'])){


//tags remove html tags
$email = strip_tags(mysql_real_escape_string($_POST['email']));
$password = strip_tags(mysql_real_escape_string($_POST['password']));


$sql = mysql_query("SELECT mail_enseignant,Nom_Enseignant,Mot_de_passe FROM enseignant WHERE mail_enseignant='".$email."' AND Mot_de_passe='".$password."' LIMIT 1");
 echo mysql_error(); 
if(mysql_num_rows($sql) == 1){
$row = mysql_fetch_assoc($sql);
$_SESSION['mail_enseignant'] = $row['mail_enseignant'];
$_SESSION['Nom_Enseignant'] = $row['Nom_Enseignant'];
$_SESSION['Mot_de_passe'] = $row['Mot_de_passe'];


header("Location: Login/note-on.php");
exit();
}else{
$login_error="invalid Information...";
}
}
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="EN" lang="EN" dir="ltr">
<head profile="http://gmpg.org/xfn/11">
<title>Département Math-Info</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="imagetoolbar" content="no" />
<link rel="stylesheet" href="styles/layout.css" type="text/css" />
</head>
<body id="top">
<div class="wrapper row1">
  <div id="header" class="clear">
    <div class="fl_left">
      <h1><a href="index.php">Département Math-Info</a></h1>
      <p>Just Pour Vous</p>
    </div>
   
  </div>
</div>
<!-- ####################################################################################################### -->
<div class="wrapper row2">
  <div id="topnav">
    <ul>
      <li><a href="index.php">Homepage</a></li>
      <li class="active"><a href="style-demo.php">Contact Us</a></li>
      <li><a href="nouveaute.php"> Nouveauté</a></li>
      
      <li><a href="note-off.php">NOTE TAB</a></li>
      <li class="last"><a href="gallery.php">Gallery</a></li>
    </ul>
    <div  class="clear"></div>
  </div>
</div>
<!-- ####################################################################################################### -->
<div class="wrapper row4">
  <div id="container" class="center">
    <!-- ####################################################################################################### -->
   <h3>Ensiegnant Login Below</h3>
   <form action="?login" method="post" >
      <fieldset>
        <legend>Enseingant Login</legend>


<p>Mail_Ens: <input type="text" name="email" value="<?php echo $email;?>" /></p>
        <p>Password: <input type="password" name="password" value="<?php echo $password;?>" /></p>
<p>
<?php if (isset($login_error) && ($login_error != "")){
echo "<p style='margin-right: 10px;color: #ff0000'>".$login_error."</p>";
}?>
<input type="submit" value="Login Enseignant" name="submit_login"/></p>
      <!--  <input type="image" src="images/sign_in.gif" id="signin" alt="Sign In" />-->
      </fieldset>
    </form>
      
    <!-- ####################################################################################################### -->
    <div class="clear"></div>
  </div>
</div>
<!-- ####################################################################################################### -->
<div class="wrapper row5">
  <div id="footer" class="clear">
    <!-- ####################################################################################################### -->
    <div class="foot_contact">
      <h2>University Name Here</h2>
      <address>
      Address Line 1<br />
      Address Line 2<br />
      Town/City<br />
      Postcode/Zip
      </address>
      <ul>
        <li><strong>Tel:</strong> xxxxx xxxxxxxxxx</li>
        <li><strong>Fax:</strong> xxxxx xxxxxxxxxx</li>
        <li class="last"><strong>Email:</strong> <a href="#">contact@mydomain.com</a></li>
      </ul>
    </div>
    <div class="footbox">
      <h2>Administration</h2>
      <ul>
        <li><a href="#">Disclaimer</a></li>
        <li><a href="#">Accessibility</a></li>
        <li><a href="#">Freedom of Information</a></li>
        <li><a href="#">Website Privacy</a></li>
        <li><a href="#">Press Release Information</a></li>
        <li><a href="#">Annual Report</a></li>
        <li><a href="#">Financial Statements</a></li>
        <li><a href="#">Job Vacancies</a></li>
        <li class="last"><a href="#">Semester Dates</a></li>
      </ul>
    </div>
    <div class="footbox">
      <h2>Link Block 2</h2>
      <ul>
        <li><a href="#">Schools and Colleges</a></li>
        <li><a href="#">Student Activities</a></li>
        <li><a href="#">Student Affairs</a></li>
        <li><a href="#">Student Development</a></li>
        <li><a href="#">Student Financial Services</a></li>
        <li><a href="#">Student Group Directory</a></li>
        <li><a href="#">Student Life</a></li>
        <li><a href="#">International Students</a></li>
        <li class="last"><a href="#">Global Learning</a></li>
      </ul>
    </div>
    <div class="footbox last">
      <h2>Link Block 3</h2>
      <ul>
        <li><a href="#">Academic Advisory</a></li>
        <li><a href="#">Academic Assistance</a></li>
        <li><a href="#">Academic Calendars</a></li>
        <li><a href="#">Academics Office</a></li>
        <li><a href="#">Administration</a></li>
        <li><a href="#">Adult Learners</a></li>
        <li><a href="#">Alumni Chapters</a></li>
        <li><a href="#">Alumni Events</a></li>
        <li class="last"><a href="#">Residential Colleges</a></li>
      </ul>
    </div>
    <!-- ####################################################################################################### -->
  </div>
</div>
<!-- ####################################################################################################### -->
<div class="wrapper">
  <div id="copyright" class="clear">
    <p class="fl_left">Copyright © 2013 - All Rights Reserved - <a href="#">Domain Name</a></p>
    <p class="fl_right">Template by <a href="http://www.os-templates.com/" title="Free Website Templates">OS Templates</a></p>
  </div>
</div>
</body>
</html>

i want to create a fresh one and please give me some tips on how to make the user logged in see pages that can't see when he logged out and i hope that u don't give me links for tutorials or files because i already try that and i didn't made nothing thanks in advance !

 

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted

Seriously, there must be already hundreds of tutorials on this subject.

 

Do you want use to write another one just for you?

 

How about, you try an existing one and come and ask a specific question when/if you get stuck.

Link to comment
Share on other sites
MachineGamer Newbie

MachineGamer

Posted
  • Author
Posted

ok i already created this one :

 

-----login.php----------

<?php
require_once('init.php');
include_once("scripts/connect.php");
$login_error = "";
$email = "";
$password= "";


if(isset($_GET['login'])){




$email = strip_tags(mysql_real_escape_string($_POST['email']));
$password = strip_tags(mysql_real_escape_string($_POST['password']));


$sql = mysql_query("SELECT mail_enseignant,Nom_Enseignant,Mot_de_passe FROM enseignant WHERE mail_enseignant='".$email."' AND Mot_de_passe='".$password."' LIMIT 1");
 echo mysql_error(); 
if(mysql_num_rows($sql) == 1){
$row = mysql_fetch_assoc($sql);
$_SESSION['mail_enseignant'] = $row['mail_enseignant'];
$_SESSION['Nom_Enseignant'] = $row['Nom_Enseignant'];
$_SESSION['Mot_de_passe'] = $row['Mot_de_passe'];


header("Location: Login/note-on.php");
exit();
}else{
$login_error="invalid Information...";
}
}
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="EN" lang="EN" dir="ltr">
<head profile="http://gmpg.org/xfn/11">
<title>Département Math-Info</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="imagetoolbar" content="no" />
<link rel="stylesheet" href="styles/layout.css" type="text/css" />
</head>
<body id="top">
<div class="wrapper row1">
  <div id="header" class="clear">
    <div class="fl_left">
      <h1><a href="index.php">Département Math-Info</a></h1>
      <p>Just Pour Vous</p>
    </div>
   
  </div>
</div>
<!-- ####################################################################################################### -->
<div class="wrapper row2">
  <div id="topnav">
    <ul>
      <li><a href="index.php">Homepage</a></li>
      <li class="active"><a href="style-demo.php">Contact Us</a></li>
      <li><a href="nouveaute.php"> Nouveauté</a></li>
      
      <li><a href="note-off.php">NOTE TAB</a></li>
      <li class="last"><a href="gallery.php">Gallery</a></li>
    </ul>
    <div  class="clear"></div>
  </div>
</div>
<!-- ####################################################################################################### -->
<div class="wrapper row4">
  <div id="container" class="center">
    <!-- ####################################################################################################### -->
   <h3>Ensiegnant Login Below</h3>
   <form action="?login" method="post" >
      <fieldset>
        <legend>Enseingant Login</legend>


<p>Mail_Ens: <input type="text" name="email" value="<?php echo $email;?>" /></p>
        <p>Password: <input type="password" name="password" value="<?php echo $password;?>" /></p>
<p>
<?php if (isset($login_error) && ($login_error != "")){
echo "<p style='margin-right: 10px;color: #ff0000'>".$login_error."</p>";
}?>
<input type="submit" value="login" name="submit_login"/></p>
      <!--  <input type="image" src="images/sign_in.gif" id="signin" alt="Sign In" />-->
      </fieldset>
    </form>
      
    <!-- ####################################################################################################### -->
    <div class="clear"></div>
  </div>
</div>
<!-- ####################################################################################################### -->
<div class="wrapper row5">
  <div id="footer" class="clear">
    <!-- ####################################################################################################### -->
    <div class="foot_contact">
      <h2>University Name Here</h2>
      <address>
      Address Line 1<br />
      Address Line 2<br />
      Town/City<br />
      Postcode/Zip
      </address>
      <ul>
        <li><strong>Tel:</strong> xxxxx xxxxxxxxxx</li>
        <li><strong>Fax:</strong> xxxxx xxxxxxxxxx</li>
        <li class="last"><strong>Email:</strong> <a href="#">contact@mydomain.com</a></li>
      </ul>
    </div>
    <div class="footbox">
      <h2>Administration</h2>
      <ul>
        <li><a href="#">Disclaimer</a></li>
        <li><a href="#">Accessibility</a></li>
        <li><a href="#">Freedom of Information</a></li>
        <li><a href="#">Website Privacy</a></li>
        <li><a href="#">Press Release Information</a></li>
        <li><a href="#">Annual Report</a></li>
        <li><a href="#">Financial Statements</a></li>
        <li><a href="#">Job Vacancies</a></li>
        <li class="last"><a href="#">Semester Dates</a></li>
      </ul>
    </div>
    <div class="footbox">
      <h2>Link Block 2</h2>
      <ul>
        <li><a href="#">Schools and Colleges</a></li>
        <li><a href="#">Student Activities</a></li>
        <li><a href="#">Student Affairs</a></li>
        <li><a href="#">Student Development</a></li>
        <li><a href="#">Student Financial Services</a></li>
        <li><a href="#">Student Group Directory</a></li>
        <li><a href="#">Student Life</a></li>
        <li><a href="#">International Students</a></li>
        <li class="last"><a href="#">Global Learning</a></li>
      </ul>
    </div>
    <div class="footbox last">
      <h2>Link Block 3</h2>
      <ul>
        <li><a href="#">Academic Advisory</a></li>
        <li><a href="#">Academic Assistance</a></li>
        <li><a href="#">Academic Calendars</a></li>
        <li><a href="#">Academics Office</a></li>
        <li><a href="#">Administration</a></li>
        <li><a href="#">Adult Learners</a></li>
        <li><a href="#">Alumni Chapters</a></li>
        <li><a href="#">Alumni Events</a></li>
        <li class="last"><a href="#">Residential Colleges</a></li>
      </ul>
    </div>
    <!-- ####################################################################################################### -->
  </div>
</div>
<!-- ####################################################################################################### -->
<div class="wrapper">
  <div id="copyright" class="clear">
    <p class="fl_left">Copyright © 2013 - All Rights Reserved - <a href="#">Domain Name</a></p>
    <p class="fl_right">Template by <a href="http://www.os-templates.com/" title="Free Website Templates">OS Templates</a></p>
  </div>
</div>
</body>
</html>

----------init.php--------

<?php
session_start();
?>

is it correct ?? please give me some tips on how to make the user logged in see pages that can't see when he logged out ,all i am doing is that if the user sign in correct i redirect him to other pages that i have made to display is that what i have to do ,and do i have to include the init.php in every page that i made thanks !

Link to comment
Share on other sites
denno020 Regular Member

denno020

Posted
Posted

You need to call session_start() at the top of every script that you wish to be 'login protected', so because of that, yes, you need to include init.php on every page.

 

To check if a user is signed in, set a session array value with their username. Then at the start of each of your pages, check the session array, if the username value is set, (optionally) check that that username corresponds to a user in your database, and if so, you can show them the content that only logged in users can see.

Link to comment
Share on other sites
MachineGamer Newbie

MachineGamer

Posted
  • Author
Posted

I wanted some help in php.

I am making a website for a university in php which will have a information to be displayed for every teacher ,so the same page will be visible in diffrent information depend on the login email !

right now, i have created my database and script of login ,but it's without session or cookies ,do i need those two to display a diffrent information with mysql query thanks in advance! ----------login.php----------

?php
require_once('init.php');
include_once("scripts/connect.php");
$login_error = "";
$email = "";
$password= "";

if(isset($_GET['login'])){

$email = strip_tags(mysql_real_escape_string($_POST['email']));
$password = strip_tags(mysql_real_escape_string($_POST['password']));

$sql = mysql_query("SELECT mail_enseignant,Nom_Enseignant,Mot_de_passe FROM enseignant WHERE mail_enseignant='".$email."' AND Mot_de_passe='".$password."' LIMIT 1");
echo mysql_error(); 
if(mysql_num_rows($sql) == 1){
$row = mysql_fetch_assoc($sql);
$_SESSION['mail_enseignant'] = $row['mail_enseignant'];
$_SESSION['Nom_Enseignant'] = $row['Nom_Enseignant'];
$_SESSION['Mot_de_passe'] = $row['Mot_de_passe'];

header("Location: note-on.php?email=$email");
exit();
}else{
$login_error="invalid Information...";
}
}
?>
<h3>Ensiegnant Login Below</h3>
<form action="?login" method="post" >
<fieldset>
<legend>Enseingant Login</legend>

<p>Mail_Ens: <input type="text" name="email" value="<?php echo $email;?>" /></p>
<p>Password: <input type="password" name="password" value="<?php echo $password;?>" /></p>
<p>
<?php if (isset($login_error) && ($login_error != "")){
echo "<p style='margin-right: 10px;color: #ff0000'>".$login_error."</p>";
}?>
<input type="submit" value="Login Enseignant" name="submit_login"/></p>
<!-- <input type="image" src="images/sign_in.gif" id="signin" alt="Sign In" />-->
</fieldset>
</form>

and this is the page that i wanna desplay a diffrent informaition based on the email of teacher logged in with

--------note-on.php----------

<div id="left_column">
<div class="holder">
<h2 class="title">Speciality & Groupe</h2>
<ul class="nostart">
<select name="select" class="textfields" id="Speciality">
<option id="0">-- Select Speciality --</option>
<?php echo $_SESSION['mail_enseignant']; ?> 
<?php 
if(isset($_GET['email'])){
$getallSpeciality = mysql_query("select Nom_Specialite from specialite where enseignant.mail_enseignant='".$email."'and enseignant.Id_Enseignant=affecte.Id_Enseignant and affecte.Id_Groupe=groupe.Id_Groupe and specialite.Id_Specialite=groupe.Id_Specialite");
while($viewallSpeciality = mysql_fetch_array($getallSpeciality)){
?>
<option id="<?php echo $viewallSpeciality['Id_Specialite']; ?>">
<?php echo $viewallSpeciality['Nom_specialite'] ?></option>
<?php }} ?>
</select>
</ul>
</div>

my query didn't work what's the problem am i doing wrong in seting the email or waht please correct my code thanks !

Link to comment
Share on other sites
Jacques1 Prolific Member

Jacques1

Posted
Posted

Hi,

 

“doesn't work” isn't very useful as a problem description. What is the problem? Are you getting an error message? An unexpected result? The infamous white screen? Something else? You need to tell us, because we can't see your screen from here.

 

Either way, the code has a couple of serious issues:

  • Plaintext passwords? Seriously? Even if you don't give a damn about the website, that's just unacceptable. You need to hash the passwords with a strong algorithm like bcrypt. If you have PHP 5.5, the functions are already built into the language. Otherwise, there's a compatibility library.
  • What is this weird strip_tags() doing there? It makes absolutely no sense. It's actually downright harmful, because it mangles the user input. If the user chooses, say, "2$<53Ab!.-" as their password, your strip_tags() truncates it to "2$", because it happens to have a "<" in it. Oops.
  • Why on earth do you put the passwords in the session? Shouldn't you protect them rather then throwing them around? The plaintext passwords don't go anywhere. You store a hash of them in the database, and that's it. Do not put them into the session, a cookie or whatever.
  • The mysql_* functions you're using are obsolete since more than 10 years and will be removed in the future. Nowadays, we use PDO or MySQLi.
Link to comment
Share on other sites
sKunKbad Advanced Member

sKunKbad

Posted
Posted (edited)

There is really nothing simple about an effective, safe, and trustworthy authentication script / class. Having spent hundreds of hours on my own, I can tell you that you aren't going to get a final product worth using unless you have great dedication. Your best option is to pick up a framework that already has an Auth class.

Edited by sKunKbad
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.