|
PHP - Trying To Create A Login Script From Scratch.
I've decided to "re-learn" PHP.
I've created a registration script which works well, however, the login script is not going to plan for me. This is the script: <?php include "./global/global.php"; ?> <?php error_reporting (E_ALL ^ E_NOTICE); ?> <?php $username = $_POST['username']; $password = $_POST['password']; $submit = $_POST['submit']; if($submit){ $sql1 = "SELECT * FROM test2 WHERE username = '".$username."'"; $res1 = mysql_query($sql1) or die(mysql_error()); $numrows = mysql_num_rows($res1); if($numrows != 0){ while($row = mysql_fetch_assoc($res1)){ $dbusername = $row['username']; $dbpassword = $row['password']; } if($username==$dbusername && $password==$dbpassword){ ob_start(); $_SESSION['username']=$username; header("Location: index.php"); } }else{ echo("That user doesn't exist!"); } }else{ ?> <form action="login.php" method="POST"> <input type="text" name="username" /> <input type="password" name="password" /> <input type="submit" name="submit" value="Login" /> </form> <?php } ?> The problem is that it isn't building the session, so when I go back to the homepage, which looks like this: <?php include "./global/global.php"; session_start(); ?> <?php error_reporting (E_ALL ^ E_NOTICE); ?> <html> <?php if($_SESSION){ echo("Welcome, ".$_SESSION['username']); }else{ echo("Please login <a href='login.php'>here</a>"); } ?> </html> It shows that I should login. I can't seem to see what's wrong because I have a script very similar to it and it works fine, so if anyone could help, I'd appreciate it. Similar TutorialsHello. Sorry if this is not the correct place to post this but, I'm looking to create this with php but, need some help. I would like to add a captive portal to my network. I've read about some that are out there but, they are not customisable to really accomplish what I need. I'm here to see if I can get some ideas from you guys. This is what I'm trying to accomplish. Simply show a splash page every certain time, let's say every four hours, the client would just press a button or a link and just redirect to the page the user intended to visit and just keep track of whos online using the Internet. I've used NoCat and it works well but, is written in Perl. I have some php scripts that I would like to use with it but, haven't find a way to do it. I noticed Nocat listens on a certain port writes an iptable rule marking packets with mangle table from the client's ip address, after a certain time it deletes the rule for that address forcing the ip to "re-authenticate" again showing the splash page. Any suggestions on how can this be done? Thanks in advanced for your help. Hello guys, Is there on web any updated tutorial on how can I add Facebook login on my simple php login script? Hey all, I am trying to put a login form on the front pages (index, contact us, about us) of my site. I want the members to put in username and pass, and when they click submit, it takes them to the /members/ area of the site. Right now this is how I have the form. Code: [Select] <form method="POST" action="login.php"> <input type="text" name="username"> <input type="password" name="password"> <input type="submit" value="Login"> </form> I have this, but the members area consist of several pages and not just on location. Code: [Select] if ($_SESSION['authorized'] != true) { header("Location: login_form.php"); exit; } Finally, I am going to create a login.php page that has this in it. Code: [Select] $select_user = mysql_query('select * from users where username = "' . $_POST['username'] . '" and password = "' . md5($_POST['password'] . '"')); if (mysql_num_rows($select_user) != 0) { session_start(); session_register('authorized'); $_SESSION['authorized'] = true; header("Location: protected_content.php"); exit; } else { header("Location: login_form.php"); exit; } So My questions are, How can I make it so they can access the entire /members/ area (directory) and what would I put in the database 'members' when I create it. All members are going to use the same username and pass. So there is only need for 1 query for username and 1 for password. I appreciate anyone help in advance. Hi, I don't know why it outputs" You are now registered BUT the user name and password don't show up in the database! I want to encrypt the passwords so maybe that is problem, I don't know, please read scripts below. here is register.php: ============== Code: [Select] <html> <head></head> <body> <form method="post" action="" > <p>Create a username <input type="text" name="newUsername"/> </p> <p>Create a password <input type="password" name= "newPassword" /> </p> <p> <input type="submit" value="Make account now" name="makeAccountSubmit" /> </p> </form> <?php if(array_key_exists("makeAccountSubmit",$_POST) && !empty($_POST["newUsername"]) && !empty($_POST["newPassword"]) ) { //IF username doesn't exist, then store new user login info to db dummydpevx mysql_connect("localhost","root"); mysql_select_db("someDB"); $newUserName=$_POST["newUsername"]; $newPassword=crypt($_POST["newPassword"]); $usernameQuery=mysql_query("SELECT userName FROM users WHERE userName='$newUserName'"); if(mysql_num_rows($usernameQuery)==0) { $makeNewAccountQuery=mysql_query("INSERT INTO users userName,userPassword VALUES('$newUserName','$newPassword')"); print "You are now registered, <a href='login.php'>proceed to login</a>"; } if(mysql_num_rows($usernameQuery)==1) print "Username taken. Please make another one. <br />"; } here is login.php: ============ Code: [Select] <html> <head></head> <body> <form method="post" action=""> <label>Username:</label> <input type="text" name="username" /> <br /> <label>Password:</label> <input type="password" name="password" /> <p> <input type="submit" value="Login" name="Login" /> <input type="reset" value="Reset" name="Reset" /> </p> </form> <?php if(array_key_exists("Login",$_POST) && !empty($_POST["username"]) && !empty($_POST["password"])) { $attemptedUsername=$_POST["username"]; $attemptedPassword=$_POST["password"]; mysql_connect("localhost","root"); mysql_select_db("someDB"); $getLoginInfoQuery=mysql_query("SELECT userName,userPassword FROM users WHERE userName=$attemptedUsername AND userPassword=$attemptedPassword"); $getLoginInfo=mysql_fetch_assoc($getLoginInfoQuery); $getUsername=$getLoginInfo["userName"]; $getPassword=crypt($getLoginInfo["userPassword"]); if(crypt($attemptedPassword,$getPassword)==$getPassword) { session_start();//NB: Start session BEFORE doing any session stuff! $_SESSION["isAuthenticated"]="userAuthenticated"; header("Location: xmlShredderIndex.php"); exit; } else print "Please register!"; } Also, if any has time, please see my other post, it is straightforward instructions to see if you get same error as me, thanks. http://www.phpfreaks.com/forums/index.php?topic=347639.msg1640652#msg1640652 Any help much appreciated! I currently have a MyBB forum and I'm going to attempt to create a top list for it, but I'd like users that have already registered on my forum to be able to log into the top list area and either add or edit their website on the top list. How would I go about creating a login script with an already existing MySQL database that contains my MyBB users? This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=318572.0 I need to use the rand function but how would I go about incorporating into let's say.. somone spends some (Forum gold) on my site, (you get these golds from posting) Somone buys a Scratch Ticket and it will give them 1-200 forum Gold (random chance) how would I go about doing that with the rand function? Also, could there be something I add like a % value that it will be less then 200 inside the 1-200 phase? Kinda confusing, but pretty much can I say 50% of users will get less then 50 Forum Gold from the 1-200FG Chance Ticket? Pretty much adding a % modifier with the rand function so people don't get essentially "Free" forum gold, that there is a 20% of actually getting 100-200 AMOUNT, and 80% of actually getting less then 100? Any idea? i know how to code it with mysql/php I just need somone to lift me up right now and get a little boost of code/help to get me started and a explanation Just wondering how many people recommend using a framework, such as cakePhp, or coding from scratch? I always coded from scratch, but tried using a Php framework recently called Elgg. It was an absolute nightmare. so how many code from scratch? and how many people use a framework? Hello,can anyone help me create members search script?
here is image example
here is 'users 'table
`id` int(11) NOT NULL auto_increment, `age` varchar(200) collate utf8_unicode_ci NOT NULL, `city` varchar(200) collate utf8_unicode_ci NOT NULL, `username` varchar(30) collate utf8_unicode_ci NOT NULL, `password` varchar(150) collate utf8_unicode_ci NOT NULL, `salt` varchar(10) collate utf8_unicode_ci NOT NULL, `mgroup` int(3) NOT NULL, `email` varchar(100) collate utf8_unicode_ci NOT NULL, `ip` varchar(15) collate utf8_unicode_ci NOT NULL, `posts` int(11) NOT NULL, `date_joined` varchar(25) collate utf8_unicode_ci NOT NULL, `logged_in` int(1) NOT NULL default '0', `last_action_time` int(25) NOT NULL, `signature` text collate utf8_unicode_ci NOT NULL, `avatar` varchar(300) collate utf8_unicode_ci NOT NULL default 'default', `what_is_doing` varchar(30) collate utf8_unicode_ci NOT NULL, `what_is_doing_id` varchar(100) collate utf8_unicode_ci NOT NULL, `name` varchar(200) collate utf8_unicode_ci NOT NULL, `website` varchar(200) collate utf8_unicode_ci NOT NULL, `title` varchar(150) collate utf8_unicode_ci NOT NULL, `rank_pips` int(11) NOT NULL, `friends` tinytext collate utf8_unicode_ci NOT NULL, `blocks` tinytext collate utf8_unicode_ci NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1 ;Please help me? Edited by sopranolv, 30 January 2015 - 05:26 AM. I am looking at the ImageMagick library to create thumbnails from about 800 pdf files. I'd like to use php because the information needs to be stored in a database. Is ImageMagick up to the task? Would you recommend an alternative library? Any other advice is appreciated. Thanks, -Brian I can't find out whats the problem here, would appreciate some input in how to think building my "if".
The problem is that I don't seem to catch if an email exists, nor if user exists and neither can I create a new user :/.
Appreciate your help alot!
<?php
// Start the session in case of errors to display within the page of user creation
session_start();
$err_msg = array();
$errflag = false;
// Check if the submit button was pressed
if ($_SERVER['REQUEST_METHOD'] === 'POST'
&& $_POST['submit'] === 'Skapa')
{
// Crypt password
$options = ['cost' => 10];
$username = strip_tags($_POST['uname']);
$password = strip_tags(password_hash($_POST['pword'], PASSWORD_DEFAULT, $options));
$email = strip_tags($_POST['uname'], '@');
// Check so all the fields are filled
if ($_POST['uname'] == '' || $_POST['pword'] == '' || $_POST['pwordcheck'] == '')
{
$err_msg[] = 'Please enter all fields<br>';
$errflag = true;
}
// See if passwords and confirm matches
if ($_POST['pword'] !== $_POST['pwordcheck'])
{
$err_msg[] = 'Passwords doesn\'t match!<br>';
$errflag = true;
}
// Check password length, atleast 8 characters
if (strlen($_POST['pword']) < 7)
{
$err_msg[] = 'Password must be atleast 8 characters long';
$errflag = true;
}
// Check if email exists
include_once('../includes/db.inc.php');
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$sql = "SELECT COUNT(*) AS count FROM movies WHERE email = :emailadress";
$stmt = $db->prepare($sql);
$stmt->bindParam(':emailadress', $email);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row > 0)
{
$err_msg[] = 'Email already taken!';
$errflag = true;
$db = NULL;
}
// Check if user exists
include_once('../includes/db.inc.php');
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$sql = "SELECT uname FROM users WHERE uname = :username";
$stmt = $db->prepare($sql);
$stmt->bindParam(':username', $username);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row > 0)
{
$err_msg[] = 'User already exists';
$errflag = true;
$db = NULL;
}
if ($errflag = false)
{
// Everything passed, create the user!
include_once('../includes/db.inc.php');
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$sql = "INSERT INTO users (uname, pword, email) VALUES (:username, :password, :emailadress)";
$stmt = $db->prepare($sql);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->bindParam(':emailadress');
$stmt->execute();
$_SESSION['uname'] = $username;
header('Location: ../template/header.php');
exit;
}
// If any error, send the user back and display messages
if ($errflag == true)
{
$_SESSION['err_msg'] = $err_msg;
session_write_close();
header('Location: ../user/create.php');
exit;
}
}
else
{
$_SESSION['err_msg'] = $err_msg;
session_write_close();
header('Location: ../user/create.php');
exit;
}
?>
I saw the posting for creating a script for a certificate but am struggling to get it to work, i have tried everything I can think of but getting errors.
As you can see from this test link there is php errors that cannot be resolved.
http://gmdesign.org.uk/xxx
I have also added the javascript to a button to print the certificate it but its not working either.
I would be grateful for any help you can give.
you can download/see my full scripts by viewing the attached files hi i'm trying to create a php file from a script but i dont seem to be getting it right the file doesn't exist already am trying to create it. Code: [Select] <title>test</title> <?php include_once"includes/db_connect.php"; $sql=mysql_query("SELECT `urlName` FROM `products` WHERE `category`='1'"); while($fetch=mysql_fetch_object($sql)){ $File = "".$fetch->urlName.".php"; $handle = fopen($File, 'w'); fclose($handle); } ?> Hey everyone. I currently have a login script that uses cookies to check if the user is logged in. But I have been told that even if I have used md5() then the the password is still at risk, so I was wondering if using sessions would be better, or if there was some way to make the passwords in the cookies more secure? Here is the code I currently have to secure passwords in the cookie: Code: [Select] $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($_POST['pass']); $_POST['username'] = addslashes($_POST['username']); } Hello everybody! I am trying to make a forum for my class and I will do it from scratch I am from Denmark so my english could be a little wrong! Sorry! The problem is when i try to login, I allways get the error that I had defined to do.. But only if both password and username dosn't exist... Before i post the code i will give you a translation: Brugernavn = Username kodeord = password brugerid = userid My register.php file works fine! But I will post them both: This is the register form: http://pastebin.com/h6fgHSFB And here are the code for my login.php, the strange thing is, that i do not get any kind of error dont even mysql errors, that i had hope on so i could fix it! http://pastebin.com/Vc8Gt9SY Hope you guys would like to help me! Best Regards Jesper Jensen from denmark jesper@dh-data.dk Hi! I need help with the login script i wrote. Please help me get it working. The section related to guest works fine however it always gives me error message when i get to the queryA and queryB stages. Thanks! I've already got the database running, using MySQL. Name of database - connectiontracker; tables- user_admin, user_user Here's the script: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/xhtml1-loose.dtd"> <?php session_start(); $userType = $_POST["userType"]; $userName = $_POST["username"]; $passWord = $_POST["password"]; $link = mysqli_connect("localhost", "ct1", "ctcfgb") Or die('Could not connect '. mysqli_error()); switch ($userType) { case "admin": if (isset($userName) && isset($passWord)) { $dbTableA = "user_admin"; mysqli_select_db($link, "connectiontracker") Or die ("Database unavailable"); $queryA = "SELECT * FROM $dbTableA WHERE username='$userName' AND password='$passWord'"; $resultA = mysqli_query($queryA) or die("Verification Error A"); if(mysqli_num_rows($resultA) == 1) { $_SESSION = true; header ('Location: welcomeadmin.php'); } else echo "Incorrect administrator username and/or password"; } break; case "user": if (isset($userName) && isset($passWord)) { $dbTableB = "user_user"; mysqli_select_db($link, "connectiontracker") Or die ("Database unavailable"); $queryB = "SELECT * FROM $dbTableB WHERE username='$userName' AND password='$passWord'"; $resultB = mysqli_query($queryB) or die("Verification Error B"); if(mysqli_num_rows($resultB) == 1) { $_SESSION = true; header ('Location: welcomeuser.php'); } else echo "Incorrect Organization/Individual username and/or password"; } break; case "guest": header ('Location: welcomeguest.php'); break; } if (!isset($_POST['Enter'])) { ?> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title>Login to Connection Tracker</title> <!-- <link rel="stylesheet" href="ct_style1.css" type="text/css"> --> </head> <body> Please select from the following: <br /> <form action="<?php echo $PHP_SELF;?>" method="post"> <select name="userType"> <option value="admin">Administrator</option> <option value="user" selected>Organization</option> <option value="guest">Guest</option> </select> <br /> Please leave the following fields blank if entering the system as Guest <br /> Username: <input type="text" name="username"> <br /> Password: <input type="text" name="password"> <input type="submit" name="Enter"/> <br /> </form> </body> </html> <?php } mysqli_close($link); ?> Hello everyone, I am brand new to php and am starting off my journey by trying to create a simple login/register script. I have run into a bit of difficulty, however, and cannot seem to get this to work. I know that the register script is very basic (lacks strlen check, doesn't verify that both passwords are the same, etc.), but for the time being I simply want to have a functional script. Then I can continue learning by adding more components. Here are the login.php, checklogin.php, and register.php files (in this order). I believe that the login/checklogin files work, but the register file just shows the form without actually writing to DB when it is submitted. Thank you very much for your help. Code: [Select] <html> <body> <b> Member Login </b> <br /> <form name="input" action="checklogin.php" method="post"> Username : <input type="text" name="myusername" id="username"> <br /> Password : <input type="password" name="mypassword" id="password"> <br /> <input type="checkbox" name="remember" value="checkbox"> Remember me <br /> <input type="submit" value="Login"> Not a member? <a href="./register.php">Register!</a> </form> </body> </html> Code: [Select] <?php $host="localhost"; $usr="root"; $pwd=""; $db="MemberDB"; $tbl_name="members"; mysql_connect($host, $usr, $pwd) or die("Unable to connect"); mysql_select_db($db) or die("Unable to select database"); $myusr = $_POST['myusername']; $mypswd = md5($_POST['mypassword']); $myusername = stripslashes(strip_tags($myusr)); $mypassword = stripslashes(strip_tags($mypswd)); $myusername = mysql_real_escape_string($myusr); $mypassword = mysql_real_escape_string($mypswd); $sql="SELECT *FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if ($count==1) { session_register("myusername"); session_register("mypassword"); header("location:menu.php"); } else { echo "Incorrect Username or Password"; } ?> Code: [Select] <?php $host="localhost"; $usr="root"; $pwd=""; $db="MemberDB"; $tbl_name="members"; mysql_connect($host, $usr, $pwd) or die("Unable to connect"); mysql_select_db($db) or die("Unable to select database"); if (isset($_POST['register'])) { $query = "INSERT INTO members ('username', 'password', 'email') VALUES('$_POST[username]', 'md5($_POST[password1])', '$_POST[email]')"; mysql_query($db,$query) or die(); mysql_close(); echo "You have successfully registered!"; } else{ ?> <html> <body> <b> Register</b> <br /> <form name="register" action="./register.php" method="post"> Username : <input type="text" name="username" id="username"> <br /> Password : <input type="password" name="password" id="password1"> <br /> Confirm Password : <input type="password" name="password2" id="password2"> <br /> Email: <input type="text" name="email" id="email"> <br /> <input type="submit" value="register"> </form> </body> </html> <?php } ?> Hey so this is my login script but when i enter something into the username and password box and submit it, the page just refreshes.
<?php
echo "
<h1>LOGIN</h1>
<form action='' method='POST'>
<table>
<tr>
<td>
<b>Username:</b>
</td>
<td>
<input type='text' name='username' placeholder='Enter your username'>
</td>
</tr>
<tr>
<td>
<b>Password:</b>
</td>
<td>
<input type='password' name='password' placeholder='Enter your password'>
</td>
<td>
<input type='submit' value='login' name='submit'>
</td>
</tr>
</form>
";
$host = "localhost";
$username = "root";
$password = "";
$db_name = "website";
mysql_connect("$host", "$username", "$password") or die("Could not connect");
mysql_select_db("$db_name") or die("Could not find database");
if(isset($_POST['submit'])) {
if(!empty($_POST['username'])) {
$sql = "SELECT * FROM members WHERE username='$username' AND password='$password'";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
if($count==1) {
$row = mysql_fetch_array($sql);
$bancheck = mysql_query($row);
if($row['active']==0 && count==0) {
include 'userban.html';
} else if($count==1 && $bancheck==1) {
$_SESSION['username'] = "$username";
include '/home/user/index.php';
} else {
echo "You entered invalid information";
}
}
}
}
?>
Hi all again, This script was working perfectly but I have not got a clue what changed in it or how and can not seem to find the problem. The connection works, email and password variables match the mysql databases so must be my Syntax. appreciate if you can help. <?php include("../cxn.php"); $sql = "SELECT password FROM Members WHERE email='$_POST[email]'"; $result = mysqli_query($cxn,$sql) or die ("Couldn't execute query1"); $num = mysqli_num_rows($result); if ($num >0) // Login Name found { $sql = "SELECT * FROM Members WHERE email='$_POST[email]' AND password=md5('$_POST[password]')"; $result2 = mysqli_query($cxn,$sql) or die ("Couldn't execute query2"); $num2 = mysqli_num_rows($result2); if ($num2 > 0) // password correct { session_start(); $_SESSION['auth']="yes"; $_SESSION['logname'] = $_POST['email']; $logname = $_SESSION['logname']; $today = date("Y-m-d h:i:s"); $sql = "INSERT INTO Login (email,loginTime) VALUES ('$logname', '$today')"; $result = mysqli_query($cxn,$sql) or die ("Can't execute insert query"); echo "you have logged in!"; header("Location: ../$_POST[page]"); } else { $message = "The email address, '$_POST[email]' is registered, but you have not entered the correct password! Please try again.<br>"; include("../login.html"); } } ?> Hello everyone, I have just finished coding a logion/register/logout script. I am quite new to PHP (this was my first task to begin the learning process!). The scripts now work fine and gets the job done. It incorporates a database and has a number of checks in place. I know that the code is probably pretty ugly however and not as efficient as it could be. Could anyone suggest places where I could improve it or security issues with it? I have tried to secure it against sql injection; it also ensures that no fields are blank and that the two passwords in registration are the same and I have also made username a unique field in database. Thanks in advance for any help or guidance. Here are the scripts: index.html, checklogin.php, register.php, menu.php, and logout.php <html> <body> <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form name="input" action="checklogin.php" method="post"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td colspan="3"><strong>Member Login </strong></td> </tr> <tr> <td width="78">Username</td> <td width="6">:</td> <td width="294"><input name="username" type="text" id="username"></td> </tr> <tr> <td>Password</td> <td>:</td> <td><input name="password" type="password" id="mypassword"></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="login" value="Login"></td> </tr> </table> </td> </form> </tr> </table> <center>Not a member? <a href="./register.php">Register!</a></center> </body> </html> <?php $host="localhost"; $usr="root"; $pwd="******"; $db="*****"; $tbl_name="members"; mysql_connect($host, $usr, $pwd) or die(mysql_error()); mysql_select_db($db) or die(mysql_error()); $initialusr = $_POST['username']; $initialpwd = $_POST['password']; $secondusr = stripslashes($initialusr); $secondpwd = stripslashes($initialpwd); $pswd = mysql_real_escape_string($secondpwd); $myusr = mysql_real_escape_string($secondusr); $mypswd= md5($pswd); $sql="SELECT *FROM $tbl_name WHERE username='$myusr' and password='$mypswd'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if ($count==1) { session_start(); $_SESSION['username'] = $myusr; header("location:menu.php"); } else { echo "Incorrect Username or Password"; } ?> <?php $host="localhost"; $usr="root"; $pwd="*****"; $db="***********"; $tbl_name="members"; mysql_connect($host, $usr, $pwd) or die(mysql_error()); mysql_select_db($db) or die(mysql_error()); if (isset($_POST['register']) && $_POST['username'] && $_POST['password'] && $_POST['confirm'] && $_POST['email'] && $_POST['password'] == $_POST['confirm']) { $pwd = mysql_real_escape_string("$_POST[password]"); $md5pwd = md5("$pwd"); $usr = mysql_real_escape_string("$_POST[username]"); $email = mysql_real_escape_string("$_POST[email]"); $query = "INSERT INTO members (username, password, email) VALUES('$usr', '$md5pwd', '$email')"; mysql_query($query) or die(mysql_error()); mysql_close(); echo "You have successfully registered!"; } else{ ?> <html> <body> <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form name="input" action="register.php" method="post"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td colspan="3"><strong>Register</strong></td> </tr> <tr> <td width="78">Username</td> <td width="6">:</td> <td width="294"><input name="username" type="text" id="username"></td> </tr> <tr> <td>Password</td> <td>:</td> <td><input name="password" type="password" id="password"></td> </tr> <tr> <td>Confirm Password</td> <td>:</td> <td><input name="confirm" type="password" id="confirm"></td> </tr> <tr> <td>Email</td> <td>:</td> <td><input name="email" type="text" id="email"></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="register" value="Register"></td> </tr> </table> </td> </form> </tr> </table> </body> </html> <?php } ?> <?php session_start(); if (!isset($_SESSION['username'])){ header("location:index.html"); } else { ?> <html> <body> <?php $username = $_SESSION['username']; echo "Welcome " . $username . " !"; ?> <br /> <a href = logout.php>Log out</a> </body> </html> <?php } ?> <?php session_start(); session_destroy(); header("location:index.html") ?> |
|||||||