PHP - Registration/Login Script Request

Status
Not open for further replies.
M

masterjake

New Member
Messages
73
Reaction score
0
Points
0
On my last site, I had a register and login system plus a lot more stuff that I added. The only problem was that my login script seemed to only work on any browser other than Internet Explorer. I've heard of this probelm before but do not know what it is caused from. Can someone please post a working php registration and login system compatible with all browsers and tested before posted. That would be wonderful ;)
 
S

sunils

New Member
Messages
2,266
Reaction score
0
Points
0
hi, check out my site http://sunils.x10hosting.com it has a registration and login script. but it is not affected by the problem that you say. I can help you, can u mail/post the script that you used so that i can do the changes.
 
B

Bobswat

New Member
Messages
104
Reaction score
0
Points
0
I would be glad to make one for you. Are you using MySQL? if you are, what fields would like like to keep track of besides the obvious username/password/email? PM me with the details and I could have it back to you the same day, most likely in a few minutes if I'm online.

Hope to hear from you soon!
 
M

masterjake

New Member
Messages
73
Reaction score
0
Points
0
Thanks both of you, here are my sources:


Register:
<?php

$c = mysql_connect(host,user,pass) or die(mysql_error());
$d = mysql_select_db(dbname,$c);

function protect($value){
$value = mysql_real_escape_string($value);
$value = stripslashes($value);
$value = strip_tags($value);
}

$action = $_GET['act'];
protect($action);


if(!$action){
echo "<table border=0 cellspacing=3 cellpadding=3>\n
<form name=register method=post action=\"register.php?act=register\">\n
<tr><td>Username</td><td><input type=text name=username maxlength=32>\n</td></tr>\n
<tr><td>Password</td><td><input type=password name=password maxlength=64>\n</td></tr>\n
<tr><td>Confirm</td><td><input type=password name=passconf maxlength=64>\n</td></tr>\n
<tr><td>E-Mail</td><td><input type=text name=email>\n</td></tr>\n
<tr><td>Confirm</td><td><input type=text name=econf>\n</td></tr>\n
<tr><td colspan=2 align=right>About You</td></tr>\n
<tr><td>Birthday (Day)</td><td><select name=day>\n";

for($i=1;$i<32;$i++){
echo "<option value=\"$i\">$i</option>\n";
}
echo "</select></td></tr>\n
<tr><td>Birthday (Month)</td><td><select name=month>\n";
for($i=1;$i<13;$i++){
echo "<option value=\"$i\">$i</option>\n";
}
echo "</select></td></tr>\n
<tr><td>Birthday (Year)</td><td><select name=year>\n";
for($i=1994;$i>1900;$i--){
echo "<option value=\"$i\">$i</option>\n";
}
echo "</select></td></tr>\n
<tr><td>Your Name</td><td><input type=text name=name maxlength=32>\n
<tr><td colspan=2 align=right><input type=submit value=\"Register\">\n";
}

if($action == "register"){
$username = $_POST['username'];
$password = $_POST['password'];
$passconf = $_POST['passconf'];
$email = $_POST['email'];
$econf = $_POST['econf'];
$day = $_POST['day'];
$month = $_POST['month'];
$year = $_POST['year'];
$name = $_POST['name'];
protect($username);
protect($password);
protect($passconf);
protect($email);
protect($econf);
protect($day);
protect($month);
protect($year);
protect($name);

if(isset($username) && isset($password) && isset($passconf) && isset($email) && isset($econf) && isset($day) && isset($month) && isset($year) && isset($name)){

if(strlen($username) < 3 || strlen($username) > 32){
echo "username is either too short or too long\n";
}else {
if(strlen($password) < 3 || strlen($password) > 64){
echo "password is either too short or too long\n";
}else {
if(strlen($email) < 3 || strlen($email) > 125){
echo "email is either too short or too long\n";
}else {
if(strlen($name) < 2 || strlen($name) > 64){
echo "your name is either too short or too long\n";
}else {
if(!is_numeric($day) || !is_numeric($month) || !is_numeric($year)){
echo "you entered an invalid birthday\n";
}else {
if($day < 1 || $day > 31){
echo "your birthday (day) is invalid\n";
}else {
if($month < 1 || $month > 12){
echo "your birthday (month) is invalid\n";
}else {
if($year < 1901 || $year > 1994){
echo "your birthday (year) is invalid\n";
}else {
$array = array('.');
$math = $year/4;
if((in_array($math,$array)) && $day > "28" && $month == "2"){
echo "your birthday does not exist\n";
}else {
if($password != $passconf){
echo "your passwords do not match\n";
}else {
if($email != $econf){
echo "your emails do not match\n";
}else {
$checkemail = "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i";
if(!preg_match($checkemail,$email)){
echo "the email you entered is incorrect";
}else {
$sql = "SELECT * FROM `users` WHERE `username` ='$username'";
$res = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($res) > 0){
echo "this username already exists";
}else {
$sql = "SELECT * FROM `users` WHERE `email` ='$email'";
$res = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($res) > 0){
echo "the email you supplied is already in use";
}else {
$sql = "SELECT * FROM `users` WHERE `ip` ='$_SERVER[REMOTE_ADDR]'";
$res = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($res) > 0){
echo "your ip is already in use";
}else {
$password = md5($password);
$bday = "$month/$day/$year";
$date = date("F j, Y @ g:i:s a");
$ip = $_SERVER['REMOTE_ADDR'];
$sql = "INSERT INTO `users` (`username` , `password` , `email` , `ip` , `name` , `bday` , `date` )VALUES ('$username', '$password', '$email', '$ip', '$name', '$bday', '$date');";
$res = mysql_query($sql) or die(mysql_error());
echo "thank you for registering, you may now login\n";
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}

}
?>
Click to expand...



SQL Dump:
CREATE TABLE `users` (
`id` int(11) NOT NULL auto_increment,
`username` varchar(255) collate latin1_general_ci NOT NULL,
`password` varchar(255) collate latin1_general_ci NOT NULL,
`email` varchar(255) collate latin1_general_ci NOT NULL,
`ip` varchar(255) collate latin1_general_ci NOT NULL,
`name` varchar(255) collate latin1_general_ci NOT NULL,
`bday` varchar(255) collate latin1_general_ci NOT NULL,
`date` varchar(255) collate latin1_general_ci NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1 ;
Click to expand...



Login:
<?php

$connection = mysql_connect(localhost, prefix_user, password);
$db = mysql_select_db(prefix_dbname, $connection);

$sql = "SELECT id FROM user
WHERE username='$_POST[username]'
AND password='$_POST[password]'";

$result = mysql_query($sql);
$num = mysql_num_rows($result);

if ($num > 0) {
//USER AND PASS ARE CORRECT
$id = mysql_fetch_assoc($result);

setcookie("auth", "yes", time()+3600);
setcookie("id", $id['id']);
setcookie("username", $id['username']);

header ("Location: main.php");

}else {
header ("Location: incorrect.php");
};

?>
Click to expand...


I originally tried the login like that but didn't really know how to use it. I afterwards used session_start(); and stuff but still the same problem. Please help!!!
 
A

Adam01

New Member
Messages
114
Reaction score
0
Points
0
I swear i didnt write that much lol.
what does the Protect(); thing do?
 
Last edited:
S

sunils

New Member
Messages
2,266
Reaction score
0
Points
0
Hi,

This is wat i have modified. it will work. do the necessary changes like mysql host name, db username .db password, and database name at the required places only. Post wheather it was helpfull..


register.php
Code: 
<?php

$d = mysql_connect("localhost", "dbusername","dbuserpassword");
mysql_select_db("databasename",$d);

$action = $_POST['reg'];

if(!$action)
{
    echo "<table border=0 cellspacing=3 cellpadding=3>\n<form name=register method=post action=\"\"><input type=\"hidden\" name=\"reg\" id=\"reg\" value=\"reg\">\n<tr><td>Username</td><td><input type=text name=username maxlength=32>\n</td></tr>\n<tr><td>Password</td><td><input type=password name=password maxlength=64>\n</td></tr>\n<tr><td>Confirm</td><td><input type=password name=passconf maxlength=64>\n</td></tr>\n<tr><td>E-Mail</td><td><input type=text name=email>\n</td></tr>\n<tr><td>Confirm</td><td><input type=text name=econf>\n</td></tr>\n<tr><td colspan=2 align=right>About You</td></tr>\n<tr><td>Birthday (Day)</td><td><select name=day>\n";

    for($i=1;$i<32;$i++)
    {
        echo "<option value=\"$i\">$i</option>\n";
    }
    
    echo "</select></td></tr>\n<tr><td>Birthday (Month)</td><td><select name=month>\n";
    
    for($i=1;$i<13;$i++)
    {
        echo "<option value=\"$i\">$i</option>\n";
    }
    
    echo "</select></td></tr>\n<tr><td>Birthday (Year)</td><td><select name=year>\n";

    for($i=1994;$i>1900;$i--)
    {
        echo "<option value=\"$i\">$i</option>\n";
    }
    
    echo "</select></td></tr>\n<tr><td>Your Name</td><td><input type=text name=name maxlength=32>\n<tr><td colspan=2 align=right><input type=submit value=\"Register\">\n";
}

if($action == "reg")
{
    $username = $_POST['username'];
    $password = $_POST['password'];
    $passconf = $_POST['passconf'];
    $email = $_POST['email'];
    $econf = $_POST['econf'];
    $day = $_POST['day'];
    $month = $_POST['month'];
    $year = $_POST['year'];
    $name = $_POST['name'];

    if(isset($username) && isset($password) && isset($passconf) && isset($email) && isset($econf) && isset($day) && isset($month) && isset($year) && isset($name))
    {

        if(strlen($username) < 3 || strlen($username) > 32)
        {
            echo "username is either too short or too long\n";
        }
        elseif(strlen($password) < 3 || strlen($password) > 64)
        {
            echo "password is either too short or too long\n";
        }
        elseif(strlen($email) < 3 || strlen($email) > 125)
        {
            echo "email is either too short or too long\n";
        }
        elseif(strlen($name) < 2 || strlen($name) > 64)
        {
            echo "your name is either too short or too long\n";
        }
        elseif(!is_numeric($day) || !is_numeric($month) || !is_numeric($year))
        {
            echo "you entered an invalid birthday\n";
        }
        elseif($day < 1 || $day > 31)
        {
            echo "your birthday (day) is invalid\n";
        }
        elseif($month < 1 || $month > 12)
        {
            echo "your birthday (month) is invalid\n";
        }
        elseif($year < 1901 || $year > 1994)
        {
            echo "your birthday (year) is invalid\n";
        }
        else 
        {
            $array = array('.');
            $math = $year/4;
            if((in_array($math,$array)) && $day > "28" && $month == "2")
            {
                echo "your birthday does not exist\n";
            }
            elseif($password != $passconf)
            {
                echo "your passwords do not match\n";
            }
            elseif($email != $econf)
            {
                echo "your emails do not match\n";
            }
            else
            {
                $checkemail = "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i";
                if(!preg_match($checkemail,$email))
                {
                    echo "the email you entered is incorrect";
                }
                else 
                {
                    $sql = "SELECT * FROM users WHERE username ='".$username."' or email='".$email."' or ip='".$_SERVER[REMOTE_ADDR]."'";
                    $res = mysql_query($sql,$d) or die(mysql_error());
                    if($newArray=mysql_fetch_array($res))
                    {
                        if($newArray["username"]== $username)
                        {
                            echo "this username already exists";
                        }
                        elseif($newArray["email"]== $email) 
                        {
                            echo "the email you supplied is already in use";
                        }
                        elseif($newArray["ip"]== $_SERVER[REMOTE_ADDR])
                        {
                            echo "your ip is already in use";
                        }
                    }
                    else
                    {
                        $password = md5($password);
                        $bday = "$month/$day/$year";
                        $date = date("F j, Y @ g:i:s a");
                        $ip = $_SERVER['REMOTE_ADDR'];
                        
                        $sql = "INSERT INTO `users` (`username` , `password` , `email` , `ip` , `name` , `bday` , `date` )VALUES ('$username', '$password', '$email', '$ip', '$name', '$bday', '$date');";
                        $res = mysql_query($sql,$d) or die(mysql_error());
                        
                        echo "thank you for registering, you may now login\n";
                    }
                }
            }
        }
    }
}
?>


loginverification code :-

Code: 
<?php

$db = mysql_connect("localhost", "dbusername","dbuserpassword");
mysql_select_db("databasename",$db);

$sql = "SELECT id FROM user WHERE username='$_POST[username]' AND password='$_POST[password]'";

$row  =  mysql_fetch_array(mysql_query($sql,$db));

if($row['id']!=NULL)
{
    setcookie("auth", "yes", time()+3600);
    setcookie("id", $row['id']);
    setcookie("username", $row['username']);
    header ("Location: main.php");
}
else
{
    header ("Location: incorrect.php");
}
?>

Thank you,
 
Status
Not open for further replies.
Top