CrazeD Posted February 9, 2007 Share Posted February 9, 2007 I'd like to get some help on creating a register/login script. I know how to do most of it, like send/retrieve data from MySQL, and know my way around basic PHP. What I'm not sure how to do is match a username and password for the login. For instance I can retrieve a username and password, but how do I make it come from the same row? Also, once "logged in", how do I make it different than not logged in? I know a little bit about the session function, but not a lot. I want to be able to make a logged in member show different pages of my website than non-logged in members. Any help in the right direction would be good, thanks. Quote Link to comment Share on other sites More sharing options...
chronister Posted February 9, 2007 Share Posted February 9, 2007 Basically is what you are looking at is this. Username and password is submitted... $_POST or $_GET the data(however you submit the form). If you store your passwords encrypted (md5 recommended), then encrypt the pass, otherwise simply set them into nice variables. $username=$_POST['username']; $password=$_POST['password']; //if you encrypt the pass, do so before setting this var. Then you simply run this query $query="SELECT * FROM users WHERE username='$username' && password='$password'"; $result=mysql($query); $num=mysql_num_rows($result); if($num > 0){ //if its greater than 0, then the username password combo has been found session_start(); $_SESSION['user']=$username echo 'Logged In!'; }else{ echo "That username / password combination was not found, Please Try again"; } On each page you want this user to be logged in at, put a session_start() at the top of the page. If you have 1 file that is included in all your pages, include session_start() in that. Quote Link to comment Share on other sites More sharing options...
CrazeD Posted February 9, 2007 Author Share Posted February 9, 2007 Thanks a bunch! Now, how can I make it so a logged in user can see different things? For example, say I want only logged in users to see "loggedin.php", how is this possible? Thanks. Quote Link to comment Share on other sites More sharing options...
noobstar Posted February 9, 2007 Share Posted February 9, 2007 Login script: $query="SELECT * FROM users WHERE username='$username' && password='$password'"; $result=mysql($query); $num=mysql_num_rows($result); if($num > 0){ //if its greater than 0, then the username password combo has been found session_start(); $_SESSION['user']=$username header("Location: members.php"); // This will direct them to a members page <== }else{ echo "That username / password combination was not found, Please Try again"; } Members page: if(!$_SESSION['user']) { header("Location: index.php"); // if the the session is empty it redirects them to the normal area till they log in } else { echo "Welcome to your Member Area"; // if the session is active it shows this } This is one really quik way of doing it Quote Link to comment Share on other sites More sharing options...
CrazeD Posted February 9, 2007 Author Share Posted February 9, 2007 EDIT: Nevermind I think I get it. I will try to write this script and I'll post back if I run into problems. Thanks for the help. Quote Link to comment Share on other sites More sharing options...
CrazeD Posted February 9, 2007 Author Share Posted February 9, 2007 I keep getting "Parse error: syntax error, unexpected T_STRING" on line 17. Line 17: header ('Location: members.php'); What's wrong? Quote Link to comment Share on other sites More sharing options...
chronister Posted February 9, 2007 Share Posted February 9, 2007 Look at line 16 Most syntax errors are because of a missing or extra ; or } or " or ' You probably have a missing ; at the end of line 16 Quote Link to comment Share on other sites More sharing options...
The Little Guy Posted February 9, 2007 Share Posted February 9, 2007 http://snippets.tzfiles.com/snippet.php?id=4 Quote Link to comment Share on other sites More sharing options...
CrazeD Posted February 9, 2007 Author Share Posted February 9, 2007 Thanks, you're right I forgot a semi-colon on line 16. Early morning coding sucks. >_> Quote Link to comment Share on other sites More sharing options...
CrazeD Posted February 11, 2007 Author Share Posted February 11, 2007 Ok I've finally got some time to work on this. I'm getting a problem here, on the script that handles getting info from the table. "Warning: Wrong parameter count for mysql() in /www/110mb.com/c/r/a/z/e/d/_/_/crazed/htdocs/login/login.php on line 10 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /www/110mb.com/c/r/a/z/e/d/_/_/crazed/htdocs/login/login.php on line 11" Code: <?php require_once('db/mysql.php'); if ( isset ($_POST['submit']) ) { if ( (!empty ($_POST['username'])) && (!empty ($_POST['password'])) ) { $query = "SELECT * FROM pr0n_members WHERE username='$username' && password='$password'"; $result=mysql($query); $num=mysql_num_rows($result); if($num > 0) { session_start (); $_SESSION['user']=$username; header ('Location: members.php'); exit(); } else { print '<p>That username/password combination could not be found, please try again!</p>'; } } else { print '<p>Please make sure you enter both a username and a password!</p>'; } } else { print '<form action="login.php" method="post"> <p>Username: <input type="text" name="username" /><br /> Password: <input type="password" name="password" /><br /><br /> <input type="submit" name="submit" value="Login" /></p></form>'; } ?> What's up with this? Quote Link to comment Share on other sites More sharing options...
alpine Posted February 11, 2007 Share Posted February 11, 2007 Inside you query, ditch the &&, use AND $query = "SELECT * FROM pr0n_members WHERE username='$username' AND password='$password'"; Quote Link to comment Share on other sites More sharing options...
CrazeD Posted February 11, 2007 Author Share Posted February 11, 2007 I found the problem. I changed $result=mysql($query); , to, $result=mysql_query($query); . That fixed one thing, but now I'm getting: "That username/password combination could not be found, please try again!" So, it's not reading the username/pass from the MySQL table I'm guessing. Here's the file I made for creating the table: <?php require_once('mysql.php'); $query = 'CREATE TABLE pr0n_members ( id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, username VARCHAR(100) NOT NULL UNIQUE KEY, password VARCHAR(100) NOT NULL )'; if (@mysql_query ($query)) { print '<p>Table installed successfully</p>'; } else { die ('Error: <b>' . mysql_error() . '</b>'); } mysql_close(); ?> Does anyone see anything wrong here? By the way "apline", I tried what you said and that didn't work either. Quote Link to comment Share on other sites More sharing options...
alpine Posted February 11, 2007 Share Posted February 11, 2007 well drace, did you try it after the mysql_query correction? And, is the password encrypted in the table? If so, u need to match encrypted post-value against the stored db-value Quote Link to comment Share on other sites More sharing options...
CrazeD Posted February 11, 2007 Author Share Posted February 11, 2007 I guess the password is encrypted. On the register form I made, I just did <input type="password" name="password" /> . Can you tell me how I compensate for it being encrypted? I'm not sure how. Thanks. Quote Link to comment Share on other sites More sharing options...
CrazeD Posted February 11, 2007 Author Share Posted February 11, 2007 Never mind I figured that part out. I think I pretty much have figured out what I wanted to know with this login system I'm making, but I'm going to leave the thread unsolved for now in case I run into any more problems. Thanks a lot so far guys. Quote Link to comment Share on other sites More sharing options...
CrazeD Posted February 11, 2007 Author Share Posted February 11, 2007 EDIT: Never mind figured it out. I'll post anymore problems I come across. I'm almost done though. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.