Jump to content

Replacing a form after login

trecool999

By trecool999
in PHP Coding Help

 Share

Recommended Posts

smc Regular Member

smc

Posted
Posted
Okay basically here is how it brakes down. Take a look at the code:

[b]login.php[/b]
[code]
if ( isset($username) ){  //This statement says If the variables $username is set, then print the username
print $username; //Print username is another way of saying for PHP to display the text that is stored as the variable $username
}
else {  //Else is saying that if the IF function above didn't apply (ie. $username is NOT set) then carry out these actions
::This is where you will place the HTML for your form I recommend using the following format
require('/realitivepathofyourloginform.php');
}
[/code]

Now obviously you will have to replace the username variable with whatever you have set on your login script. It is difficult to help you without being able to see the entirety of the script your working with. Everyone has a different style of coding
Link to comment
Share on other sites
trecool999 Member

trecool999

Posted
  • Author
Posted
Actually, I didn't code this, I followed a tutorial. I'm not experienced enough to code anything more than <?php echo "Bad use of PHP"; ?>. :(

[quote author=trecool999 link=topic=124327.msg514902#msg514902 date=1169928751]
Ok.

Login HTML:

[code]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>PSPRock - Welcome!</title>
<style type="text/css">
<!--
#Layer1 {
position:absolute;
left:0;
top:1px;
width:100%;
height:180;
z-index:1;
background-image: url(Images/Site/Backdrop.jpg);
}
body {
background-color: #0099FF;
}
body,td,th {
font-family: Segoe UI;
color: #333333;
}
#Layer2 {
position:absolute;
left:1px;
top:210px;
width:224px;
height:456px;
z-index:2;
}
#Strip {
position:absolute;
left:0px;
top:182px;
width:100%;
height:27;
z-index:3;
background-image: url(Images/Site/StripMiddle.jpg);
}
#Layer3 {
position:absolute;
left:0px;
top:182px;
width:659px;
height:27px;
z-index:4;
}
.style1 {font-size: 14px}
.style2 {color: #666666}
.style3 {color: #333333}
-->
</style>
</head>

<body>
<div id="Layer1"><img src="Images/Site/Logo.jpg" width="700" height="180" /></div>
<div id="Layer2"></div>
<div id="Strip">
  <div align="right">
    <form action="authenticate.php" method="post">
      <span class="style1">Username:</span>
      <input type="text" name="username" size="10">
      <span class="style1">Password:</span>
      <input type="password" name="password" size="10">
<input type="submit" value="Log in" name="submit">
</form>
</div>
</div>
<div class="style1" id="Layer3"><span class="style2"><a href="index.html">Home</a> <span class="style3">-</span> Forums  <span class="style3"></span></span>- <span class="style2">Info</span></div>
</div>
</body>
</html>
[/code]

Login PHP:

[code]
<?php
//Begin PHP file authenticate.php

//Retrieve the data the form passed us. All form data passed to PHP
//will be in the super global array, $_REQUEST. This is automatically
//set for you by PHP (depending on version) You can also use
//$_POST or $_GET autoglobals, but for the sake of learning use the one
//below
$user = $_REQUEST['username'];//get username from form
$pass = $_REQUEST['password'];//get password from form

//Now strip away an potentially harmful code:
$user=strip_tags($user);
$pass=strip_tags($pass);

//To foil any possible attempts at SQL injection, do the following function
//$variable=str_replace("what to look for","what to replace it with",$what_variable_to_use);

//Now use the replace function on our variables
$user=str_replace(" ","",$user);//remove spaces from username
$pass=str_replace(" ","",$pass);//remove spaces from password
$user=str_replace("%20","",$user);//remove escaped spaces from username
$pass=str_replace("%20","",$pass);//remove escaped spaces from password



//And finally, add slashes to escape things like quotes and apostrophes
//because they can be used to hijack SQL statements!
//use the function, addslashes(), pretty self explanatory
$user=addslashes($user);//remove spaces from username
$pass=addslashes($pass);//remove spaces from password
//First, we need to connect to the server
//the format is $connection = mysql_connect("address","username","password");
$conn = mysql_connect("localhost","trecool999_user","*password*");

//now choose the database to use
mysql_select_db("trecool999_user");

//Remember how we encrypted the password in step 1? Well we do
//the same thing here. We stored the encrypted password
//so it couldn't be stolen, but to check what was entered as
//the password, we encrypt it, then check it against the
//encrypted password in the database. This is pretty standard.
//almost EVERY site is going to use a 32 character md5 hash or
//an 8 character cipher with a 2 character salt. Don't worry
//about what that means :)
$pass=md5($pass);

//the function md5 creates a unique 32 character string,
//no matter what the length of the data you encrypt!

//Search for a password  AND username match, then return a value
//of true if we get any results
$request = "SELECT * FROM users WHERE password='".$pass."' AND username='".$user."'";

//Pass the request to the mysql connection,
//and the data is returned in a blob and
//saved in $results
$results = mysql_query($request,$conn);


//if mysql returns any number of rows great than 0, we know we had a match,
//right? Right.
if(mysql_num_rows($results))//function returns true if any matches are found
{
    echo "Hello ".$user.", please wait to be redirected...";
$_SESSION['user'] = $user;
$_SESSION['auth'] = true;
}
else
{
echo "Connection failed, please try again.";
$_SESSION['auth'] = false;
}


//End PHP file authenticate.php
?>
[/code]

Register HTML:

[code]
<form action="signup.php" method="post">
  <p>Username:
    <input type="text" name="username" size="10">
    <br>
    Password: 
    <input type="password" name="password" size="10">
    <br>
    <input type="submit" value="submit" name="submit">
  </p>
  </form>
[/code]

Register PHP:

[code]
<?php
//Begin PHP file signup.php

//Retrieve the data the form passed us. All form data passed to PHP
//will be in the super global array, $_REQUEST. This is automatically
//set for you by PHP (depending on version) You can also use
//$_POST or $_GET autoglobals, but for the sake of learning use the one
//below
$user = $_REQUEST['username'];//get username from form
$pass = $_REQUEST['password'];//get password from form

//Now strip away an potentially harmful code:
$user=strip_tags($user);
$pass=strip_tags($pass);

//To foil any possible attempts at SQL injection, do the following function
//$variable=str_replace("what to look for","what to replace it with",$what_variable_to_use);

//Now use the replace function on our variables
$user=str_replace(" ","",$user);//remove spaces from username
$pass=str_replace(" ","",$pass);//remove spaces from password
$user=str_replace("%20","",$user);//remove escaped spaces from username
$pass=str_replace("%20","",$pass);//remove escaped spaces from password



//And finally, add slashes to escape things like quotes and apostrophes
//because they can be used to hijack SQL statements!
//use the function, addslashes(), pretty self explanatory
$user=addslashes($user);//remove spaces from username
$pass=addslashes($pass);//remove spaces from password


//Now, after all that replacing, see if the password or username less than the required length
//Note that it is good to require a minimum pass/user length to provide greater security
$min_len = 6;

if(strlen($user) < $min_len || strlen($pass) < $min_len)
{
die("User/password was not long enough!");//Kick us out of PHP
}
//First, we need to connect to the server
//the format is $connection = mysql_connect("address","username","password");
$conn = mysql_connect("localhost","trecool999_user","*password*");

//now choose the database to use
mysql_select_db("trecool999_user");

//encrypt the users password so it cannot be retrieved by anyone!
$pass=md5($pass);

//the function md5 creates a unique 32 character string,
//no matter what the length of the data you encrypt!

//Save the request in SQL syntax to a string
$request = "INSERT INTO users values(0,'".$user."','".$pass."')";

//Pass the request to the mysql connection,
//and the data is returned in a blob and
//saved in $results
$results = mysql_query($request,$conn);

if($results)
{
echo "User account created";
}
else
{
echo "There was an error. The user account was not created.";
}


//End PHP file signup.php
?>
[/code]

Someone help quickly! I only have 1 hour and 43 minutes til' I have to go to bed! 13 isn't the best age for going at late times  :-[.
[/quote]
Link to comment
Share on other sites
AXiSS Member

AXiSS

Posted
Posted
I don't know your exact situation, but I don't think you need this finished in one night. So I'd suggest getting a book on PHP or try some intelligent form of learning to understand what PHP is and how it works. I've been working with PHP for over a month now and only today did I accomplish what you are asking to learn in a few hours.
Link to comment
Share on other sites
Daney11 Regular Member

Daney11

Posted
Posted
In every single script you have using your website use

[code]
<?php

session_start();

?>
[/code]

Then, use something like this....

Login.php
[code]
<form method="post" action="login.php">
<table width="98%" align="center">
<?
   

if (isset($HTTP_POST_VARS['user_name']) && isset($HTTP_POST_VARS['user_password']))

{

$user_name = $HTTP_POST_VARS['user_name'];
$user_password = $HTTP_POST_VARS['user_password'];

$query = 'SELECT * FROM table ' ."where user_name='$user_name' "." and user_password='$user_password'";
$result = mysql_query($query);

if (mysql_num_rows($result) >0 )

{

$HTTP_SESSION_VARS['valid_user'] = $user_name;

}

}

if (isset($HTTP_SESSION_VARS['valid_user']))

{

Echo '<table width="50%" align="center"><tr><td width="615" height="21" valign="top" align="center">Welcome '.$HTTP_SESSION_VARS['valid_user'].'</td></tr></table>';

mysql_query("UPDATE table SET user_loggedin=user_loggedin+1 WHERE user_name = '".$HTTP_SESSION_VARS['valid_user']."'");

}
 
else

{

if (isset($user_name))

{
 
Echo("<td height=\"22\" align=\"center\" colspan=\"2\" valign=\"middle\" style=\"BORDER-RIGHT: #808080 1px solid; BORDER-TOP: #808080 1px solid; BORDER-LEFT: #808080 1px solid; BORDER-BOTTOM: #808080 1px solid; BORDER-COLLAPSE: collapse; BACKGROUND-COLOR: #181D2B\">&nbsp;<strong>You Could Not Be Logged In</strong></td>");

}

?>
<tr>
<td style="BORDER-RIGHT: #808080 1px solid; BORDER-TOP: #808080 1px solid; BORDER-LEFT: #808080 1px solid; BORDER-BOTTOM: #808080 1px solid; BORDER-COLLAPSE: collapse; BACKGROUND-COLOR: #181D2B" width="49%" height="22" valign="middle">&nbsp;<strong>Username:</strong></td>
<td style="BORDER-RIGHT: #808080 1px solid; BORDER-TOP: #808080 1px solid; BORDER-LEFT: #808080 1px solid; BORDER-BOTTOM: #808080 1px solid; BORDER-COLLAPSE: collapse; BACKGROUND-COLOR: #181D2B" width="49%" height="22"><input class="temptable1" type="text" name="user_name"></td>
</tr>
<tr>
<td style="BORDER-RIGHT: #808080 1px solid; BORDER-TOP: #808080 1px solid; BORDER-LEFT: #808080 1px solid; BORDER-BOTTOM: #808080 1px solid; BORDER-COLLAPSE: collapse; BACKGROUND-COLOR: #181D2B" width="49%" height="22" valign="middle">&nbsp;<strong>Password:</strong></td>
<td style="BORDER-RIGHT: #808080 1px solid; BORDER-TOP: #808080 1px solid; BORDER-LEFT: #808080 1px solid; BORDER-BOTTOM: #808080 1px solid; BORDER-COLLAPSE: collapse; BACKGROUND-COLOR: #181D2B" width="49%" height="22"><input type="password" name="user_password"></td>
</tr>
<tr>
<td style="BORDER-RIGHT: #808080 1px solid; BORDER-TOP: #808080 1px solid; BORDER-LEFT: #808080 1px solid; BORDER-BOTTOM: #808080 1px solid; BORDER-COLLAPSE: collapse; BACKGROUND-COLOR: #181D2B" width="49%" height="22" valign="middle">&nbsp;<strong><a href="forgot_password.php">Forgot Password?</a></strong></td>
<td style="BORDER-RIGHT: #808080 1px solid; BORDER-TOP: #808080 1px solid; BORDER-LEFT: #808080 1px solid; BORDER-BOTTOM: #808080 1px solid; BORDER-COLLAPSE: collapse; BACKGROUND-COLOR: #181D2B" width="49%" height="22"><input class="forminput2" type="submit" value="Login"></td>
<tr>
</table>
</form>

<?

}

?>
[/code]

That Login.php creates a session for the user called 'valid_user'

Then to do what you ask to change the form to it displaying the persons username, use something along the lines of.

[code]
<?php

if (isset($HTTP_SESSION_VARS['valid_user']))
{
?>
<?php
echo $user_name;
?>

<?
}
else
{
?>

<div align="right">
   <form action="authenticate.php" method="post">
     <span class="style1">Username:</span>
     <input type="text" name="username" size="10">
     <span class="style1">Password:</span>
     <input type="password" name="password" size="10">
<input type="submit" value="Log in" name="submit">
</form>
</div>
<?php
}
?>
[/code]

This is a login and session script i used for one of my websites over a year ago and i have just copy and pasted it from my scripts and modified it a little. You may have to modify it youself to fit in with your website and work with the script to make it work ( if it doesnt ), but it should because it did for me.

these are only guidelines.
Link to comment
Share on other sites
trecool999 Member

trecool999

Posted
  • Author
Posted
[quote author=jesirose link=topic=124331.msg514980#msg514980 date=1169936878]
Where you process the login.
[/quote]

I just checked through 'authenticate.php' and it seems it alreayd has '$_SESSION['user'] = $user;'.I guessall I need to do now is start the session on each page right?
Link to comment
Share on other sites
pocobueno1388 Regular Member

pocobueno1388

Posted
Posted
First you need to find yourself some tutorials because you obviously don't have enough PHP knowledge to do what your trying to do. So go to the tutorial section of phpfreaks and read about sessions rather then depending on everyone else to do it for you before you even attemt to figure it out.
Link to comment
Share on other sites
trecool999 Member

trecool999

Posted
  • Author
Posted
[quote author=pocobueno1388 link=topic=124331.msg515002#msg515002 date=1169939355]
First you need to find yourself some tutorials because you obviously don't have enough PHP knowledge to do what your trying to do. So go to the tutorial section of phpfreaks and read about sessions rather then depending on everyone else to do it for you before you even attemt to figure it out.
[/quote]

So 3 hours of google searching on how to create a login, register and MySQL database isn't long enough? My eyes hurt already.
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.