PHP - SQL Help

[john-iom]

Hey all I'm quite new to PHP and SQL and could do with bit of help.

 

What I need help on is making a register page for users to become members to my website. Also, how would you code the login in script?

 

Would you have to  query a search for the user name to see if it exists and then compare the user with the password?

 

Also, how would I code a website page which allows me to change all the content on the website without actually coding any html? Would the answer to do that is just store the content on the MySQL database?

 

[MadTechie]

Hey all I'm quite new to PHP and SQL and could do with bit of help.

Welcome 

 

What I need help on is making a register page for users to become members to my website. Also, how would you code the login in script?

 

Would you have to  query a search for the user name to see if it exists and then compare the user with the password?

 

get the username & password, find it in the database where username = $_post['user'] and password = md5($_post['pass']);, of course your need to add the md5 to inserting the users

 

 

Also, how would I code a website page which allows me to change all the content on the website without actually coding any html? Would the answer to do that is just store the content on the MySQL database?

 

storing in a database is one option, (i would choose that)

 

website without actually coding any html?

 

erm.. ok BBcodes may help here..

[heckenschutze]

Yes you could store all the information in a database, its called a CMS, Content Management System...

 

Just remember its only going to be as flexible as you make it.

 

[john-iom]

Hey thanks. What would have to program once someone has filled in a form like user name, email, password address etc?, would you just use

 form action 

? and sumbit it to the database or is it bit more complex then that?

[heckenschutze]

Something like that yes, theres a few tutorials on phpfreaks.com

[john-iom]

hey thanks. I been searching on the net to and i got a example does that look right?, allthought i using dreamweaver 8 and I cant see the form (user name n password).

 

<?
session_start(); 
include("database.php");

/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username){
   global $conn;
   if(!get_magic_quotes_gpc()){
      $username = addslashes($username);
   }
   $q = "select username from users where username = '$username'";
   $result = mysql_query($q,$conn);
   return (mysql_numrows($result) > 0);
}

/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
function addNewUser($username, $password){
   global $conn;
   $q = "INSERT INTO users VALUES ('$username', '$password')";
   return mysql_query($q,$conn);
}

/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a 
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
   $uname = $_SESSION['reguname'];
   if($_SESSION['regresult']){
?>

<h1>Registered!</h1>
<p>Thank you <b><? echo $uname; ?></b>, your information has been added to the database, you may now <a href="main.php" title="Login">log in</a>.</p>

<?
   }
   else{
?>

<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><? echo $uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>

<?
   }
   unset($_SESSION['reguname']);
   unset($_SESSION['registered']);
   unset($_SESSION['regresult']);
}

if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>

<html>
<title>Registration Page</title>
<body>

<? displayStatus(); ?>

</body>
</html>

<?
   return;
}

/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if(isset($_POST['subjoin'])){
   /* Make sure all fields were entered */
   if(!$_POST['user'] || !$_POST['pass']){
      die('You didn\'t fill in a required field.');
   }

   /* Spruce up username, check length */
   $_POST['user'] = trim($_POST['user']);
   if(strlen($_POST['user']) > 30){
      die("Sorry, the username is longer than 30 characters, please shorten it.");
   }

   /* Check if username is already in use */
   if(usernameTaken($_POST['user'])){
      $use = $_POST['user'];
      die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
   }

   /* Add the new account to the database */
   $md5pass = md5($_POST['pass']);
   $_SESSION['reguname'] = $_POST['user'];
   $_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
   $_SESSION['registered'] = true;
   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[php_SELF]\">";
   return;
}
else{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>

<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>