Question about login systems and my site

Status
Not open for further replies.
Jarryd

Jarryd

Community Advocate
Community Support
Messages
5,534
Reaction score
43
Points
48
Hey everyone, i am just here wondering a few things about my site, the domain is http://sheeplist.exofire.net

I am using a Corperate Ad-Enhanced Package.

Basically, i know it's not a great site just yet, it's just a basic 'template' to work around, and make it look better later, (I am kinda bad at html and php and stuff aswell so it wont be awsome). The main thing im wondering is if the ads are okay where they are? Or if not, where should they be placed, and how to place them, i read the ads topics and i think i've done it right, but i just wanted to make sure, also...i would appreciate any feedback or suggestions on features i could add, which leads me to my next topic to talk about.

Considering i am pretty new to website design and creation, i don't know much, but i am looking to add a simple Login system, so people can become members on my site, and be able to login and basic things like that, then i could make it that only members would be able to download files and such, just for that extra touch of security...But i am very unsure of what i would need to make a login system and member system, i'm not sure what programs (if any) scripts or code i will need. Any help with this matter would be appreciated greatly, i am quite unsure on it all because i am new to it, there is a good chance that i'll probably be told to learn php before even attempting it, but i am hoping that maybe i will get lucky and find someone to help me out for it (I would give them FULL credit for it) and hope they could stick by me while it's implemented and tested.

Kind Regards, Jarryd.
 
Zenax

Zenax

Active Member
Messages
1,377
Reaction score
4
Points
38
OK, first things first. If anything I mention here is unclear just gimme a shout via PM.

Secondly, since you are on the Corperate package your ads must be in sight when you first visit the page. This means that you must not have to scroll to view them. I would reccommend you to place them somewhere like just above the title.

Second of all, I am not very good at PHP but I have an old login system that you can take a look at. Just simply use the code from below.

config.php - The file containing all your connection details
PHP: 
<?php

$config[1] = 'localhost'; // Leave this as localhost. This is important.
$config[2] = ''; // Place your username in between the ' '
$config[3] = ''; // Place your password between the ' '
$config[4] = ''; // Place the name of your database here. It normally begins with a prefix which is your cpanel username.

// Creates a connection to the database
$connect = mysql_connect($config[1], $config[2], $config[3])
	or die ('Cannot connect to the server because '. mysql_error());

// This selects the database
$select = mysql_select_db($config[4], $connect)
	or die ('Cannot select the database because '. mysql_error());
	
?>

login.php - The file that allows people to log in. It also checks to see if they are already logged in or not

PHP: 
<?php
session_start();

// Require once the DB script
   require_once ($_SERVER['DOCUMENT_ROOT']. 'config.php');

   if ($_POST['loginSubmit']) {
      // You *always!* need to validate user-supplied data when using it in MySQL queries!!
      // This isn't 100% secure, but it's definitely better than having nothing and being vulnerable to SQL injection.
      if(get_magic_quotes_gpc()) {
         if(ini_get('magic_quotes_sybase')) {
             $username = str_replace("''", "'", $_POST['username']);
             $password = str_replace("''", "'", $_POST['password']);
         } else {
             $username = stripslashes($_POST['username']);
             $password = stripslashes($_POST['password']);
         }
      } else {
          $username = $_POST['username'];
          $password = $_POST['password'];
      }
      $username = mysql_real_escape_string($username);
      $password = mysql_real_escape_string($password);
      
      $check = mysql_query("SELECT * FROM `users` WHERE `users` = '$username' and `password` = '$password' LIMIT 1");
      
      // Counting the table row
      // If the result is matched then $username, $password must be row 1
      $count = @mysql_num_rows($check);
      
      // Logged in!
      if ($count == (int) 1) {
         $_SESSION['site_username'] = $username;
         $_SESSION['site_password'] = $password;
         
         echo '
<div align="center">	


<table width="90%" border="0" cellspacing="0" cellpadding="5">
<tr>
<td>


Welcome '. $_SESSION['site_username'] .'. You are now logged in!<br /><a href="members">Click Here to Continue</a><br /><a href="logout.php">Click here to logout if you want to now!</a>

</td>
</tr>

</table>

</div>
';

         $_GET['do'] = 'manualUnset';
         // Do whatever ?
      }
      else {
         echo 'Error: Wrong username or password specified. <br />';
      }
   }

   // If $_GET['do'] is set to 'manualUnset', do not show login form, user already logged in.
   switch ($_GET['do']) {
      case 'manualUnset':
         break;
      default:
?>


<div align="center">


    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
    <table width="90%" border="0" cellspacing="0" cellpadding="5">
     <tr>
      <td>Username:</td>
      <td>Password:</td>
     </tr>
     <tr>
      <td><input type="text" name="username" /></td>
      <td><input type="password" name="password" /> &nbsp; <input name="loginSubmit" type="submit" value="Login" class="button" />
	</tr>
	
	<tr>
	
	<td>
		<?php
      		break;
   			}
		?>

	</td>
     </tr>
    </table>
    </form>
 


</div>

register.php - This file allows people to register

PHP: 
<?php
// Start the session
session_start();

// Require once the DB script
   require_once ($_SERVER['DOCUMENT_ROOT']. '/config.php');

   // If user is logged in, show message stating that. If not, display login box.
   if ($_SESSION['site_username']) {
      echo 'Welcome '. $_SESSION['site_username'] .' You cannot register a new account as you are already logged in!';
      echo '<br />';
      if (strtolower($_SESSION['site_username']) == 'admin') {
         echo '<a href="ap">Admin Panel</a> <br />';
      }
      echo '<a href="logout.php">Logout</a>';
   }
   else {
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>ZenCMS :: Login </title>

</head>

<body>



<form action="register_process.php" method="post">
<table width="85%" border="0" cellspacing="5" cellpadding="0">
  <tr>
    <td width="35%">Pick a Username:</td>
    <td width="65%"><input type="text" name="username" size="40" /></td>
  </tr>
  <tr>
    <td>Pick a Password: </td>
    <td><input type="password" name="password" size="40" /></td>
  </tr>
  <tr>
    <td>Please Repeat your Password: </td>
    <td><input type="password" name="passrept" size="40" /></td>
  </tr>
  <tr>
    <td>Enter Your Email Address: </td>
    <td><input name="emailaddy" type="text" id="emailaddy" size="40" /></td>
  </tr>
  <tr>
    <td><a href="index.php">Login here </a></td>
    <td><input name="submit" type="submit" value="Sign Up" /></td>
  </tr>
</table>

</form>



</div>


</body>
</html>


<?php

}

?>

register_process.php - This is the file that does all the working out, like inserting the new data into the database etc.

PHP: 
<?Php
session_start();

if (isset($_POST['submit'])) {

// Require once the DB script
   require_once ($_SERVER['DOCUMENT_ROOT']. '/config.php');

// declaring the variables
$username = $_POST['username'];
$password = md5($_POST['password']);
$passrept = $_POST['passrept'];
$email  = $_POST['emailaddy'];

// stripping HTML tags from the info entered
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
$passrept = strip_tags($_POST['passrept']);
$email = strip_tags($_POST['emailaddy']);

$username = stripslashes($_POST['username']);
$password = stripslashes($_POST['password']);
$passrept = stripslashes($_POST['passrept']);
$email = stripslashes($_POST['emailaddy']);

// Checking a username is not already taken
$q = mysql_query("SELECT * FROM users WHERE users = '$username'") or die(mysql_error());
    if(mysql_num_rows($q) > 0)
        {

	echo '<script>alert("The username you entered is already in use, please try again.");</script>';
    echo '<script>history.back(1);</script>';
    exit;

        }
else {

// Checking the two passwords match each other
if ($password != $passrept) {
    echo '<script>alert("The passwords did not match.");</script>';
    echo '<Script>history.back(1);</script>';
    exit;
    
    }
    
// Checking the format of the email address
if (!preg_match("/.*@.*..*/", $email) || preg_match("/(<|>)/", $email)) {
    echo '<script>alert("Invalid Email Address");</script>';
    echo '<script>history.back(1);</script>';
    exit;
    
    }

// inserting the data into the db
$insert = mysql_query("INSERT INTO users VALUES ('". $_POST['username'] ."', '". $_POST['password'] ."', '". $_POST['emailaddy'] ."') ")
    or die("Could not insert data because ".mysql_error());

$_SESSION['site_username'] = $username;
$_SESSION['site_password'] = $password;
    
header( 'Location: success.php' ) ;

}

}

?>

success.php - This is the file that loads when the registration has been a success.

PHP: 
<?php

session_start();

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>

</head>

<body>

<div align="center">



	<form action="login.php" method="post">
    <table width="85%" border="0" cellspacing="0" cellpadding="5">
	    <tr>
	
	      <td>
		  Your registration was successfully completed. <br /> The username you chose was <?php $_SESSION['site_username']; ?> <br />
    	  <a href="members">Click here to proceed to members area </a>		  </td>

        </tr>
	</table>
	</form>


</div>
</body>
</html>
 
Jarryd

Jarryd

Community Advocate
Community Support
Messages
5,534
Reaction score
43
Points
48
Hey, thanks heaps for this reply, i'm really really greatful for you helping me out like that, although, i do have a few questions to ask, if it's not to much trouble, would you be able to help me get it working on my site? I really have no clue when it comes to PHP, i can understand some things, but is there anything i need to edit, and i have no idea where to place files, whether it be in Public_html or whatnot, it would be appreciated if you could help me set it up aswell, but i understand completely if you have other things to do, if anyone can help me set it up, please email me at HeLLshEEp.iv@gmail.com, or add me on msn. Thanks.
 
Corey

Corey

I Break Things
Staff member
Messages
34,551
Reaction score
205
Points
63
All publicly viewable files should be placed into your public_html folder, also, if you're going to be using PHP go here:
http://x10hosting.com/login and upgrade your PHP to intermediate.
 
Jarryd

Jarryd

Community Advocate
Community Support
Messages
5,534
Reaction score
43
Points
48
Ooo, yeah. Thanks Corey, i forgot i had to upgrade PHP aswell. ^^ Thanks for that, i'll try figure this out myself again, and see how it goes.
 
Status
Not open for further replies.
Top