Login Page

  • pritesh_a
  • Graduate
  • Graduate
  • pritesh_a
  • Posts: 158
  • Loc: South London/UK

Post 3+ Months Ago

Hello, im creating a login page in DW MX,

Iv turned my firewall of (ZoneAlarm) and the files are directed in the right place (i.e wwwroot/desktop)

I cannot get the Testing Server TICKED in the Server Behavior part!
does Anything else i need to turn off? or do?


I also need a secure Login, i.e user cannot navigate back and forwards once logged out!!
  • Sk8erGuy
  • Student
  • Student
  • Sk8erGuy
  • Posts: 74

Post 3+ Months Ago

dont upload this but insert it into a database
Code: [ Select ]
CREATE TABLE users (
  username varchar(30),
  password varchar(32));
  1. CREATE TABLE users (
  2.   username varchar(30),
  3.   password varchar(32));


database.php
Code: [ Select ]
<?

$conn = mysql_connect("localhost", "your_username", "your_password") or die(mysql_error());
mysql_select_db('your_database', $conn) or die(mysql_error());

?>
  1. <?
  2. $conn = mysql_connect("localhost", "your_username", "your_password") or die(mysql_error());
  3. mysql_select_db('your_database', $conn) or die(mysql_error());
  4. ?>


register.php
Code: [ Select ]
<?
session_start();
include("database.php");

function usernameTaken($username){
  global $conn;
  if(!get_magic_quotes_gpc()){
   $username = addslashes($username);
  }
  $q = "select username from users where username = '$username'";
  $result = mysql_query($q,$conn);
  return (mysql_numrows($result) > 0);
}

function addNewUser($username, $password){
  global $conn;
  $q = "INSERT INTO users VALUES ('$username', '$password')";
  return mysql_query($q,$conn);
}

function displayStatus(){
  $uname = $_SESSION['reguname'];
  if($_SESSION['regresult']){
?>

<h1>Registered!</h1>
<p>Thank you <b><? echo $uname; ?></b>, your information has been added to the database, you may now <a href="main.php" title="Login">log in</a>.</p>

<?
  }
  else{
?>

<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><? echo $uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>

<?
  }
  unset($_SESSION['reguname']);
  unset($_SESSION['registered']);
  unset($_SESSION['regresult']);
}

if(isset($_SESSION['registered'])){
?>

<html>
<title>Registration Page</title>
<body>

<? displayStatus(); ?>

</body>
</html>

<?
  return;
}

if(isset($_POST['subjoin'])){
  /* Make sure all fields were entered */
  if(!$_POST['user'] || !$_POST['pass']){
   die('You didn\'t fill in a required field.');
  }

  /* Spruce up username, check length */
  $_POST['user'] = trim($_POST['user']);
  if(strlen($_POST['user']) > 30){
   die("Sorry, the username is longer than 30 characters, please shorten it.");
  }

  /* Check if username is already in use */
  if(usernameTaken($_POST['user'])){
   $use = $_POST['user'];
   die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
  }

  $md5pass = md5($_POST['pass']);
  $_SESSION['reguname'] = $_POST['user'];
  $_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
  $_SESSION['registered'] = true;
  echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
  return;
}
else{
?>

<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>


<?
}
?>
  1. <?
  2. session_start();
  3. include("database.php");
  4. function usernameTaken($username){
  5.   global $conn;
  6.   if(!get_magic_quotes_gpc()){
  7.    $username = addslashes($username);
  8.   }
  9.   $q = "select username from users where username = '$username'";
  10.   $result = mysql_query($q,$conn);
  11.   return (mysql_numrows($result) > 0);
  12. }
  13. function addNewUser($username, $password){
  14.   global $conn;
  15.   $q = "INSERT INTO users VALUES ('$username', '$password')";
  16.   return mysql_query($q,$conn);
  17. }
  18. function displayStatus(){
  19.   $uname = $_SESSION['reguname'];
  20.   if($_SESSION['regresult']){
  21. ?>
  22. <h1>Registered!</h1>
  23. <p>Thank you <b><? echo $uname; ?></b>, your information has been added to the database, you may now <a href="main.php" title="Login">log in</a>.</p>
  24. <?
  25.   }
  26.   else{
  27. ?>
  28. <h1>Registration Failed</h1>
  29. <p>We're sorry, but an error has occurred and your registration for the username <b><? echo $uname; ?></b>, could not be completed.<br>
  30. Please try again at a later time.</p>
  31. <?
  32.   }
  33.   unset($_SESSION['reguname']);
  34.   unset($_SESSION['registered']);
  35.   unset($_SESSION['regresult']);
  36. }
  37. if(isset($_SESSION['registered'])){
  38. ?>
  39. <html>
  40. <title>Registration Page</title>
  41. <body>
  42. <? displayStatus(); ?>
  43. </body>
  44. </html>
  45. <?
  46.   return;
  47. }
  48. if(isset($_POST['subjoin'])){
  49.   /* Make sure all fields were entered */
  50.   if(!$_POST['user'] || !$_POST['pass']){
  51.    die('You didn\'t fill in a required field.');
  52.   }
  53.   /* Spruce up username, check length */
  54.   $_POST['user'] = trim($_POST['user']);
  55.   if(strlen($_POST['user']) > 30){
  56.    die("Sorry, the username is longer than 30 characters, please shorten it.");
  57.   }
  58.   /* Check if username is already in use */
  59.   if(usernameTaken($_POST['user'])){
  60.    $use = $_POST['user'];
  61.    die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
  62.   }
  63.   $md5pass = md5($_POST['pass']);
  64.   $_SESSION['reguname'] = $_POST['user'];
  65.   $_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
  66.   $_SESSION['registered'] = true;
  67.   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
  68.   return;
  69. }
  70. else{
  71. ?>
  72. <html>
  73. <title>Registration Page</title>
  74. <body>
  75. <h1>Register</h1>
  76. <form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
  77. <table align="left" border="0" cellspacing="0" cellpadding="3">
  78. <tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
  79. <tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
  80. <tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
  81. </table>
  82. </form>
  83. </body>
  84. </html>
  85. <?
  86. }
  87. ?>


login.php
Code: [ Select ]
<?

function confirmUser($username, $password){
  global $conn;
  /* Add slashes if necessary (for query) */
  if(!get_magic_quotes_gpc()) {
    $username = addslashes($username);
  }

  $q = "select password from users where username = '$username'";
  $result = mysql_query($q,$conn);
  if(!$result || (mysql_numrows($result) < 1)){
   return 1; //Indicates username failure
  }

  $dbarray = mysql_fetch_array($result);
  $dbarray['password'] = stripslashes($dbarray['password']);
  $password = stripslashes($password);

  if($password == $dbarray['password']){
   return 0; //Success! Username and password confirmed
  }
  else{
   return 2; //Indicates password failure
  }
}

function checkLogin(){
  /* Check if user has been remembered */
  if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
   $_SESSION['username'] = $_COOKIE['cookname'];
   $_SESSION['password'] = $_COOKIE['cookpass'];
  }

  if(isset($_SESSION['username']) && isset($_SESSION['password'])){
   /* Confirm that username and password are valid */
   if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
     /* Variables are incorrect, user not logged in */
     unset($_SESSION['username']);
     unset($_SESSION['password']);
     return false;
   }
   return true;
  }
  else{
   return false;
  }
}

function displayLogin(){
  global $logged_in;
  if($logged_in){
   echo "<h1>Logged In!</h1>";
   echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
  }
  else{
?>

<h1>Login</h1>
<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>

<?
  }
}

if(isset($_POST['sublogin'])){
  if(!$_POST['user'] || !$_POST['pass']){
   die('You didn\'t fill in a required field.');
  }
  $_POST['user'] = trim($_POST['user']);
  if(strlen($_POST['user']) > 30){
   die("Sorry, the username is longer than 30 characters, please shorten it.");
  }

  $md5pass = md5($_POST['pass']);
  $result = confirmUser($_POST['user'], $md5pass);

  /* Check error codes */
  if($result == 1){
   die('That username doesn\'t exist in our database.');
  }
  else if($result == 2){
   die('Incorrect password, please try again.');
  }

  $_POST['user'] = stripslashes($_POST['user']);
  $_SESSION['username'] = $_POST['user'];
  $_SESSION['password'] = $md5pass;


  if(isset($_POST['remember'])){
   setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
   setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
  }

  echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
  return;
}

$logged_in = checkLogin();

?>
  1. <?
  2. function confirmUser($username, $password){
  3.   global $conn;
  4.   /* Add slashes if necessary (for query) */
  5.   if(!get_magic_quotes_gpc()) {
  6.     $username = addslashes($username);
  7.   }
  8.   $q = "select password from users where username = '$username'";
  9.   $result = mysql_query($q,$conn);
  10.   if(!$result || (mysql_numrows($result) < 1)){
  11.    return 1; //Indicates username failure
  12.   }
  13.   $dbarray = mysql_fetch_array($result);
  14.   $dbarray['password'] = stripslashes($dbarray['password']);
  15.   $password = stripslashes($password);
  16.   if($password == $dbarray['password']){
  17.    return 0; //Success! Username and password confirmed
  18.   }
  19.   else{
  20.    return 2; //Indicates password failure
  21.   }
  22. }
  23. function checkLogin(){
  24.   /* Check if user has been remembered */
  25.   if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
  26.    $_SESSION['username'] = $_COOKIE['cookname'];
  27.    $_SESSION['password'] = $_COOKIE['cookpass'];
  28.   }
  29.   if(isset($_SESSION['username']) && isset($_SESSION['password'])){
  30.    /* Confirm that username and password are valid */
  31.    if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
  32.      /* Variables are incorrect, user not logged in */
  33.      unset($_SESSION['username']);
  34.      unset($_SESSION['password']);
  35.      return false;
  36.    }
  37.    return true;
  38.   }
  39.   else{
  40.    return false;
  41.   }
  42. }
  43. function displayLogin(){
  44.   global $logged_in;
  45.   if($logged_in){
  46.    echo "<h1>Logged In!</h1>";
  47.    echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
  48.   }
  49.   else{
  50. ?>
  51. <h1>Login</h1>
  52. <form action="" method="post">
  53. <table align="left" border="0" cellspacing="0" cellpadding="3">
  54. <tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
  55. <tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
  56. <tr><td colspan="2" align="left"><input type="checkbox" name="remember">
  57. <font size="2">Remember me next time</td></tr>
  58. <tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
  59. <tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
  60. </table>
  61. </form>
  62. <?
  63.   }
  64. }
  65. if(isset($_POST['sublogin'])){
  66.   if(!$_POST['user'] || !$_POST['pass']){
  67.    die('You didn\'t fill in a required field.');
  68.   }
  69.   $_POST['user'] = trim($_POST['user']);
  70.   if(strlen($_POST['user']) > 30){
  71.    die("Sorry, the username is longer than 30 characters, please shorten it.");
  72.   }
  73.   $md5pass = md5($_POST['pass']);
  74.   $result = confirmUser($_POST['user'], $md5pass);
  75.   /* Check error codes */
  76.   if($result == 1){
  77.    die('That username doesn\'t exist in our database.');
  78.   }
  79.   else if($result == 2){
  80.    die('Incorrect password, please try again.');
  81.   }
  82.   $_POST['user'] = stripslashes($_POST['user']);
  83.   $_SESSION['username'] = $_POST['user'];
  84.   $_SESSION['password'] = $md5pass;
  85.   if(isset($_POST['remember'])){
  86.    setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
  87.    setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
  88.   }
  89.   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
  90.   return;
  91. }
  92. $logged_in = checkLogin();
  93. ?>


logout.php
Code: [ Select ]
<?
session_start();
include("database.php");
include("login.php");

if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
  setcookie("cookname", "", time()-60*60*24*100, "/");
  setcookie("cookpass", "", time()-60*60*24*100, "/");
}

?>

<html>
<title>Logging Out</title>
<body>

<?

if(!$logged_in){
  echo "<h1>Error!</h1>\n";
  echo "You are not currently logged in, logout failed. Back to <a href=\"main.php\">main</a>";
}
else{
  /* Kill session variables */
  unset($_SESSION['username']);
  unset($_SESSION['password']);
  $_SESSION = array(); // reset session array
  session_destroy();  // destroy session.

  echo "<h1>Logged Out</h1>\n";
  echo "You have successfully <b>logged out</b>. Back to <a href=\"main.php\">main</a>";
}

?>

</body>
</html>
  1. <?
  2. session_start();
  3. include("database.php");
  4. include("login.php");
  5. if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
  6.   setcookie("cookname", "", time()-60*60*24*100, "/");
  7.   setcookie("cookpass", "", time()-60*60*24*100, "/");
  8. }
  9. ?>
  10. <html>
  11. <title>Logging Out</title>
  12. <body>
  13. <?
  14. if(!$logged_in){
  15.   echo "<h1>Error!</h1>\n";
  16.   echo "You are not currently logged in, logout failed. Back to <a href=\"main.php\">main</a>";
  17. }
  18. else{
  19.   /* Kill session variables */
  20.   unset($_SESSION['username']);
  21.   unset($_SESSION['password']);
  22.   $_SESSION = array(); // reset session array
  23.   session_destroy();  // destroy session.
  24.   echo "<h1>Logged Out</h1>\n";
  25.   echo "You have successfully <b>logged out</b>. Back to <a href=\"main.php\">main</a>";
  26. }
  27. ?>
  28. </body>
  29. </html>


Thas perhaps the simplest one you could have. You can get into user ranks and levels which will get them certain features. Just look at the code carefully and it should be easy for you to customize it.
  • pritesh_a
  • Graduate
  • Graduate
  • pritesh_a
  • Posts: 158
  • Loc: South London/UK

Post 3+ Months Ago

Thanks, but i have not installed any php software,
i have only installed IIS
will all the above still work?

Post Information

  • Total Posts in this topic: 3 posts
  • Users browsing this forum: No registered users and 41 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.