PHP - Php Login Register Form

Hey I would just like to release a simple login/register script that will work just fine and has some nice systems in it.

The Login. (I will post the code then below tell you what you need to do to get it to work with MYSQL DATABASE)
Create a file and call it login with the suffix .php so if you have file extensions showing on your computer it will look like "login.php" then put this code inside of it.
Code: [Select]
<?php session_start(); ?>
<?php
function mysql_prep($value) {
$magic_quotes_active = get_magic_quotes_gpc();
$new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0
if($new_enough_php){ // PHP v4.3.0 or higher
if ($magic_quotes_active){ $value = stripslashes($value); }
$value = mysql_real_escape_string($value);
}else{ //Before PHP v4.3.0
//if magic quotes aren't already on then add slahes manually
if(!$magic_quotes_active){ $value = addslashes($value); }
// if magic quotes are active then the slashes already exist
}
return $value;
}

function redirect_to($location = NULL){
if($location != NULL){
header("Location: {$location}");
exit;
}
}
define("DB_SERVER","localhost");
define("DB_USER","root");
define("DB_PASS","yourpassword");
define("DB_NAME","yourdatabasename");
$connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS);
if(!$connection){
die("Database Connection Failed: " . mysql_error());
}
$db_select = mysql_select_db("bcooperz", $connection);
if(!$db_select){
die("Connection to database failed: " . mysql_error());
}
?>
<?php
if(isset($_SESSION['user_id'])){
redirect_to("staff.php");
}
?>
<?php
if (isset($_POST['submit'])){
$errors = array();

// Perform validations on the form
$required_fields = array('username', 'password');
foreach($required_fields as $fieldname){
if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){
$errors[] = $fieldname;
}
}

$field_with_lengths = array('username' => 30, 'password' => 30);
foreach($field_with_lengths as $fieldname => $maxlength) {
if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) {
$errors[] = $fieldname; }
}

$username = trim(mysql_prep($_POST['username']));
$password = trim(mysql_prep($_POST['password']));
$hashed_password = sha1($password);

if (empty($errors)){
// Checks database to see if username and password exist their
$query = "SELECT id, username FROM users WHERE username='$username' AND hashed_password='$hashed_password' LIMIT 1";
$result_set = mysql_query($query, $connection);
if(!$result_set){
die("Database Query Failed: " . mysql_error());
}
if (mysql_num_rows($result_set) == 1) {
// The Username and Password have been found in the database and the user is verified
// Only 1 Match
$found_user = mysql_fetch_array($result_set);
$_SESSION['user_id'] = $found_user['id'];
$_SESSION['username'] = $found_user['username'];
redirect_to("staff.php");
}else{
// Username and Password was not found in the database.
$message = "Username/Password Combination Incorrect.<br/>Please make sure your caps lock key is off and try again.";
echo $message;
}
}else{
$count = count($errors);
if($count == 1){
echo "Their Was {$count} Error In The Form" . "<br />";
print_r(implode(", ", $errors));
}else{
echo "Their Was {$count} Error's In The Form" . "<br />";
echo "<b>";
print_r(implode(", ", $errors));
echo "</b>";
}
}
}else{
// The Form Has Not Been Submitted
if(isset($_GET['logout']) && $_GET['logout'] == 1){
echo "You Are Now Logged Out";
}
if(isset($_GET['nowlogged']) && $_GET['nowlogged'] == 1){
echo "You Need to Login to reach this page.";
}
$username = "";
$password = "";
}
?>
<html>
<head>
<title>Register</title>
</head>
<body>

<form action="login.php" method="post">
Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br />
Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /><br />
<input type="submit" name="submit" value="Login" /><br />
</form>
<p>Haven't got an account? register <a href="register.php">here!</a></p>
</body>
</html>
Now once you have a file called "login.php" with the above code inside of it you will need to goto your mysql database and create a database with a table that has 3 fields in the following format.
- id - int(11) - Auto increment
- username - varchar(50)
- hashed_password - varchar(40)

Now search for this in the login.php code
Code: [Select]
define("DB_SERVER","localhost");
define("DB_USER","root");
define("DB_PASS","yourpassword");
define("DB_NAME","yourdatabasename");
And This:
Code: [Select]
$db_select = mysql_select_db("bcooperz", $connection);
And change these to your settings.

Once you have done all this create a new file called register with the suffix .php as well so if you have file extensions turned on it will look like "register.php"
And add this code inside it:
Code: [Select]
<?php
function mysql_prep($value) {
$magic_quotes_active = get_magic_quotes_gpc();
$new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0
if($new_enough_php){ // PHP v4.3.0 or higher
if ($magic_quotes_active){ $value = stripslashes($value); }
$value = mysql_real_escape_string($value);
}else{ //Before PHP v4.3.0
//if magic quotes aren't already on then add slahes manually
if(!$magic_quotes_active){ $value = addslashes($value); }
// if magic quotes are active then the slashes already exist
}
return $value;
}

function redirect_to($location = NULL){
if($location != NULL){
header("Location: {$location}");
exit;
}
}
?>
<?php
define("DB_SERVER","localhost");
define("DB_USER","root");
define("DB_PASS","maxcooper");
define("DB_NAME","bcooperz");
$connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS);
if(!$connection){
die("Database Connection Failed: " . mysql_error());
}
$db_select = mysql_select_db("bcooperz", $connection);
if(!$db_select){
die("Connection to database failed: " . mysql_error());
}
?>

<?php
if(isset($_POST['submit'])){

$username = trim(mysql_prep($_POST['username']));
$password = trim(mysql_prep($_POST['password']));
$hashed_password = sha1($password);
$confirmpass=$_POST['confirmpass'];
$query2 = "SELECT * FROM users WHERE username='$username'";
$result2 = mysql_query($query2);
$counted=mysql_num_rows($result2);

$errors = array();

// Perform validations on the form
$required_fields = array('username', 'password', 'confirmpass');
foreach($required_fields as $fieldname){
if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){
$errors[] = $fieldname;
}
}
if($confirmpass!=$_POST['password']){
$errors[] = "passdifference";
}
if($counted > 0){
$errors[] = "User Already Created";
}

$field_with_lengths = array('username' => 30, 'password' => 30);
foreach($field_with_lengths as $fieldname => $maxlength) {
if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) {
$errors[] = $fieldname; }
}


/* The Form Has Been Submitted */
if (empty($errors)){
$query = "INSERT INTO users (username,hashed_password) VALUES ('{$username}', '{$hashed_password}')";
$result = mysql_query($query, $connection);
if($result){
echo "User Successfully Created";
}else{
echo "The User Could Not Be Created" . "<br />";
echo mysql_error();
}
}else{
$count = count($errors);
if($count == 1){
echo "Their Was {$count} Error In The Form" . "<br />";
print_r(implode(", ", $errors));
}else{
echo "Their Was {$count} Error's In The Form" . "<br />";
echo "<b>";
print_r(implode(", ", $errors));
echo "</b>";
}
}
}else{
/* The Form Has Not Yet Been Submitted */
$username = "";
$password = "";
}
?>
<html>
<head>
<title>Register</title>
</head>
<body>

<form action="register.php" method="post">
Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br />
Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br />
Confirm Password: <input type="password" name="confirmpass" maxlength="30" value="" /><br /><br />
<input type="submit" name="submit" value="Register" /><br />
</form>
<p>Already have a account? login here <a href="login.php">here!</a></p>
</body>
</html>
Once you have done that and you have a file called "register.php" you will need to perform the final step which will be changing the database details once again on the second file ("register.php").

Thanks, Bcooperz. Please tell me if this works

This topic has been moved to Application Design.

http://www.phpfreaks.com/forums/index.php?topic=313919.0

Sorry for many posts, trying to make my website   When I press the register button on my website it will just act as if the page is refreshing and not send any information to mysql I believe I have connected everything up correctly, can anyone tell my what I have done wrong please?   If you want to check out the website to see what is going on check out www.jokestary.comli.com

<?php


//This function will display the registration form

function register_form(){


$date = date('D, M, Y');

echo "<form action='?act=register' method='post'>"

."Username: <input type='text' name='username' size='30'><br>"

."Password: <input type='password' name='password' size='30'><br>"

."Confirm your password: <input type='password' name='password_conf' size='30'><br>"

."Email: <input type='text' name='email' size='30'><br>"

."<input type='hidden' name='date' value='$date'>"

."<input type='submit' value='Register'>"

."</form>";


}


//This function will register users data

function register(){


//Connecting to database

include('connect.php');

if(!$connect){

die(mysql_error());

}


//Selecting database

$select_db = mysql_select_db("database", $connect);

if(!$select_db){

die(mysql_error());

}


//Collecting info

$username = $_REQUEST['username'];

$password = $_REQUEST['password'];

$pass_conf = $_REQUEST['password_conf'];

$email = $_REQUEST['email'];

$date = $_REQUEST['date'];


//Here we will check do we have all inputs filled


if(empty($username)){

die("Please enter your username!<br>");

}


if(empty($password)){

die("Please enter your password!<br>");

}


if(empty($pass_conf)){

die("Please confirm your password!<br>");

}


if(empty($email)){

die("Please enter your email!");

}


//Let's check if this username is already in use


$user_check = mysql_query("SELECT username FROM users WHERE username='$username'");

$do_user_check = mysql_num_rows($user_check);


//Now if email is already in use


$email_check = mysql_query("SELECT email FROM users WHERE email='$email'");

$do_email_check = mysql_num_rows($email_check);


//Now display errors


if($do_user_check > 0){

die("Username is already in use!<br>");

}


if($do_email_check > 0){

die("Email is already in use!");

}


//Now let's check does passwords match


if($password != $pass_conf){

die("Passwords don't match!");

}



//If everything is okay let's register this user


$insert = mysql_query("INSERT INTO users (username, password, email) VALUES ('$username', '$password', '$email')");

if(!$insert){

die("There's little problem: ".mysql_error());

}


echo $username.", you are now registered. Thank you!<br><a href=login.php>Login</a> | <a href=index.php>Index</a>";


}


switch($act){


default;

register_form();

break;


case "register";

register();

break;


}


?> 

Here is the connect.php code

<?php
$hostname="mysql6.000webhost.com"; //local server name default localhost
$username="a5347792_users";  //mysql username default is root.
$password="";       //blank if no password is set for mysql.
$database="a5347792_users";  //database name which you created
$con=mysql_connect($hostname,$username,$password);
if(! $con)
{
die('Connection Failed'.mysql_error());
}
 
mysql_select_db($database,$con);
?>

ok, so I have this code for my event registration page......I need to make this event register button dissapear after the date has passed.......can I do this using dd/mm/yyyy or do i need yyyy-mm-dd?  here is the codeif ($reg_end == date("F",strtotime("+1 month"))){
   echo "<form action='registration.php' method='get'><input type='hidden' name='eventid' value='{$row['eventid']}'><INPUT TYPE='submit' name='submit'   VALUE='Register'></form>\n";}
   else{echo "No longer accepting registrations";}




also I need to know how to modify the red code to do this........thanks in advance.......btw I will have field call reg_end which is when the turn off date is.......

Hi everyone, im working on a e comm site as a project.
I have a register.php page, and its supposed to check for the presence of posted data, and if data is not posted show a form block,and if posted data is present insert it into a database.
However its not working,i get an unexpected } on line 114, where there is a }else{ .
I've only been working with php a few days, but from what i've read the braces seem where they should be,can someone please tell me where the problem is?
<script language="JavaScript" type="text/javascript" src="library/checkout.js"></script>
<?php
//set up a couple of functions
function doDB() {
global $mysqli;

//connect to server and select database; you may need it
$mysqli = mysqli_connect("localhost", "root", "", "onlinestore");
}
//determine if they need to see the form or not
if (!$_POST) {
//they need to see the form, so create form block
$display_block = "

<form name=\"register\" method=\"post\"action=\"index.php?r=1\"\ id=\"register\">
<table width=\"550\" border=\"0\" align=\"center\" cellpadding=\"5\" cellspacing=\"1\" class=\"entryTable\">
        <tr class=\"entryTableHeader\"> 
            <td colspan=\"2\">Login Details</td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Email</td>
            <td class=\"content\"><input name\=\"txtEmail\" type=\"text\" class=\"box\" id=\"txtEmail\" size=\"30\" maxlength=\"50\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Password</td>
            <td class=\"content\"><input name=\"txtPassword\" type=\"password\" class=\"box\" id=\"txtPassword\" size=\"30\" maxlength=\"50\"></td>
        </tr>
    </table>
    <p>&nbsp;</p>    
      <table width=\"550\" border=\"0\" align=\"center\" cellpadding=\"5\" cellspacing=\"1\" class=\"entryTable\">
        <tr class=\"entryTableHeader\"> 
            <td colspan=\"2\">Shipping Information</td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">First Name</td>
            <td class=\"content\"><input name=\"txtShippingFirstName\" type=\"text\" class=\"box\" id=\"txtShippingFirstName\" size=\"30\" maxlength=\"50\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Last Name</td>
            <td class=\"content\"><input name=\"txtShippingLastName\" type=\"text\" class=\"box\" id=\"txtShippingLastName\" size=\"30\" maxlength=\"50\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Address1</td>
            <td class=\"content\"><input name=\"txtShippingAddress1\" type=\"text\" class=\"box\" id=\"txtShippingAddress1\" size=\"50\" maxlength=\"100\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Address2</td>
            <td class=\"content\"><input name=\"txtShippingAddress2\" type=\"text\" class=\"box\" id=\"txtShippingAddress2\" size=\"50\" maxlength=\"100\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Phone Number</td>
            <td class=\"content\"><input name=\"txtShippingPhone\" type=\"text\" class=\"box\" id=\"txtShippingPhone\" size=\"30\" maxlength=\"32\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Area</td>
            <td class=\"content\"><input name=\"txtShippingState\" type=\"text\" class=\"box\" id=\"txtShippingState\" size=\"30\" maxlength=\"32\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">City</td>
            <td class=\"content\"><input name=\"txtShippingCity\" type=\"text\" class=\"box\" id=\"txtShippingCity\" size=\"30\" maxlength=\"32\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Post Code</td>
            <td class=\"content\"><input name=\"txtShippingPostalCode\" type=\"text\" class=\"box\" id=\"txtShippingPostalCode\" size=\"10\" maxlength=\"10\"></td>
        </tr>
    </table>
    <p>&nbsp;</p>
    <table width=\"550\" border=\"0\" align=\"center\" cellpadding=\"5\" cellspacing=\"1\" class=\"entryTable\">
        <tr class=\"entryTableHeader\"> 
            <td width=\"150\">Payment Information</td>
            <td><input type=\"checkbox\" name=\"chkSame\" id=\"chkSame\" value=\"checkbox\" onClick=\"setPaymentInfo(this.checked);\"> 
                <label for=\"chkSame\" style=\"cursor:pointer\">Same as shipping information</label></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">First Name</td>
            <td class=\"content\"><input name=\"txtPaymentFirstName\" type=\"text\" class=\"box\" id=\"txtPaymentFirstName\" size=\"30\" maxlength=\"50\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Last Name</td>
            <td class=\"content\"><input name=\"txtPaymentLastName\" type=\"text\" class=\"box\" id=\"txtPaymentLastName\" size=\"30\" maxlength=\"50\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Address1</td>
            <td class=\"content\"><input name=\"txtPaymentAddress1\" type=\"text\" class=\"box\" id=\"txtPaymentAddress1\" size=\"50\" maxlength=\"100\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Address2</td>
            <td class=\"content\"><input name=\"txtPaymentAddress2\" type=\"text\" class=\"box\" id=\"txtPaymentAddress2\" size=\"50\" maxlength=\"100\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Phone Number</td>
            <td class=\"content\"><input name=\"txtPaymentPhone\" type=\"text\" class=\"box\" id=\"txtPaymentPhone\" size=\"30\" maxlength=\"32\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Area</td>
            <td class=\"content\"><input name=\"txtPaymentState\" type=\"text\" class=\"box\" id=\"txtPaymentState\" size=\"30\" maxlength=\"32\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">City</td>
            <td class=\"content\"><input name=\"txtPaymentCity\" type=\"text\" class=\"box\" id=\"txtPaymentCity\" size=\"30\" maxlength=\"32\"></td>
        </tr>
        <tr> 
            <td width=\"150\" class=\"label\">Post Code</td>
            <td class=\"content\"><input name=\"txtPaymentPostalCode\" type=\"text\" class=\"box\" id=\"txtPaymentPostalCode\" size=\"10\" maxlength=\"10\"></td>
        </tr>
    </table>
    <p>&nbsp;</p>

    <p>&nbsp;</p>
    <p align=\"center\"> 
        <input class=\"box\" name=\"btnStep1\" type=\"submit\" id=\"btnStep1\" value=\"Proceed &gt;&gt;\">
    </p>
</form>" 
} else {
//connect to database
doDB();
//add records
$add_sql = "INSERT INTO tbl_customer (email) VALUES('".$_POST["txtEmail"]."')";
$add_sql = "INSERT INTO tbl_customer (password) VALUES('".$_POST["txtPassword"]."')";

$add_sql = "INSERT INTO tbl_customer (od_shipping_first_name) VALUES('".$_POST["txtShippingFirstName"]."')";
$add_sql = "INSERT INTO tbl_customer (od_shipping_last_name) VALUES('".$_POST["txtShippingLastName"]."')";
$add_sql = "INSERT INTO tbl_customer (od_shipping_address1) VALUES('".$_POST["txtShippingAddress1"]."')";
$add_sql = "INSERT INTO tbl_customer (od_shipping_address2) VALUES('".$_POST["txtShippingPhone"]."')";
$add_sql = "INSERT INTO tbl_customer (od_shipping_phone) VALUES('".$_POST["txtShippingState"]."')";
$add_sql = "INSERT INTO tbl_customer (od_shipping_city) VALUES('".$_POST["txtShippingCity"]."')";
$add_sql = "INSERT INTO tbl_customer (od_shipping_state) VALUES('".$_POST["txtShippingState"]."')";
$add_sql = "INSERT INTO tbl_customer (od_shipping_postal_code) VALUES('".$_POST["txtShippingPostalCode"]."')";

$add_sql = "INSERT INTO tbl_customer (od_payment_first_name) VALUES('".$_POST["txtPaymentFirstName"]."')";
$add_sql = "INSERT INTO tbl_customer (od_payment_last_name) VALUES('".$_POST["txtPaymentLastName"]."')";
$add_sql = "INSERT INTO tbl_customer (od_payment_address1) VALUES('".$_POST["txtPaymentAddress1"]."')";
$add_sql = "INSERT INTO tbl_customer (od_payment_address2) VALUES('".$_POST["txtPaymentPhone"]."')";
$add_sql = "INSERT INTO tbl_customer (od_payment_phone) VALUES('".$_POST["txtPaymentState"]."')";
$add_sql = "INSERT INTO tbl_customer (od_payment_city) VALUES('".$_POST["txtPaymentCity"]."')";
$add_sql = "INSERT INTO tbl_customer (od_payment_state) VALUES('".$_POST["txtPaymentState"]."')";
$add_sql = "INSERT INTO tbl_customer (od_payment_postal_code) VALUES('".$_POST["txtPaymentPostalCode"]."')";


$add_res = mysqli_query($mysqli, $add_sql) or die(mysqli_error($mysqli));
$display_block = "<p>Thanks for signing up!</p>";
}
?>

Hello,

I'm working on a register script, and basically I would like the user to repeat their password. And I would like PHP to compare the to passwords, and if they both match then it continues, whereas if they don't match it calls an error. Here is what I have so far:

Form:
Consists  of 2 text fields - subpass, and subconfirmpass

PHP:
$field = "subpass";
  if(!$subpass == $subconfirmpass){
  $form->setError($field, "* Passwords do not match");
  }

$field is referring to the text fields in where the user inputs their password
$form is keeping track of errors in user submitted forms and the form field values that were entered correctly.

I would appreciate your help,

Thanks 

Hi guys I am working on adding a third party php members register and login into a clients web site but every time I try the regidter page is shows me this error message.
 
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'username'@'localhost' (using password: YES) in /home/cpassoc2/public_html/register-exec.php on line 15
Failed to connect to server: Access denied for user 'username'@'localhost' (using password: YES)

This is what i have in the config.php page.
<?php
   define('DB_HOST', 'localhost');
    define('DB_USER', 'cpassoc2-memark');
    define('DB_PASSWORD', '?????????');  password replaced
    define('DB_DATABASE', 'cpassoc2-me');
?>
I have set up the my SQL within the control panel of the site, So do i need to do any thing else???, what am i missing???.

Mark.....

I am trying to use the new way of validating the entered email in a register form.

Code: [Select]
/* REGISTER FORM */
// check if submit button has been clicked
if (isset($_POST['submit_signup'])) {

// process and assign variables after post submit button has been clicked
$user_email = strip_tags(trim($_POST['email']));
$user_email             = filter_var($user_email, FILTER_VALIDATE_EMAIL);

$nickname = strip_tags(trim($_POST['nickname']));
$password = $_POST['password'];
$repassword = $_POST['repassword'];
$month = $_REQUEST['month'];
$day = $_REQUEST['day'];
$year = $_REQUEST['year'];
$dob = $year . "-" . $month . "-" . $day;
$find_us_question = strip_tags(trim($_POST['find_us_question']));

// connect to database
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

$check_query = "SELECT * FROM user WHERE nickname = '$nickname'";

$check_connect  = mysqli_query($dbc, $check_query) or die(mysqli_error($dbc));

$check_count =  mysqli_num_rows($check_connect);

       
       
       
        // Check if the email exists twice
       
        $query_get = "SELECT email FROM user WHERE email = '$user_email'";

        $query_run = mysqli_query($dbc, $query_get);

        $num_rows = mysqli_num_rows($query_run);
       
       
       
       
       
       
       
// check if username is already taken
if ($check_count != 0) {
echo "Username already exists!";
           
               
        } elseif ($num_rows != 0) {
           
            echo "This email address is already registered in the database, you can not register it twice.";
           
           
// check if fields are empty
} elseif (empty($user_email) || empty($nickname) || empty($password) || empty($day) || empty($month) || empty($year)) {
echo "Please fill out all the fields!";

// check char length of input data
} elseif (strlen($nickname) > 30 || strlen($user_email) > 50) {
echo "Maximum allowed character length for nickname/firstname/lastname are 30 characters!";

// check password char length
} elseif (strlen($password) > 25 || strlen($password) < 6) {
echo "Your password must be between 6 and 25 characters!";

// check if passwords match with each other
} elseif ($password != $repassword) {
echo "Please make sure your passwords are matching!";

} else {
// encrypt password
$password = sha1($password);
I would like to implement now an error message stating something along the lines that the entered email address is not valid, how would I have to do the if statement to check the condition?

hi

i need help an idea how can i separate members from admins
since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 )   (its session login form only that i made it work other tutorials wre too old or something)
how what i want to do is separate members and admins because admin need more rights to do
now i have idea but dont know will it work like that
what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work?
and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag?

I'm not sure why, but once I added a search form in my nav menu, it made my other forms on the website such as login and signup form take them to where the search button would take them. any ideas???

User fills log in form on another page, but is then presented with "Your username cannot be found or password doesnt match" untill they press F5.... any ideas anyone?
Code: [Select]

<?php
mysql_connect("localhost","ambroid_mike","347610");
@mysql_select_db("ambroid_findapart") or die( "Unable to select database");

$user = $_POST['user'];
$pass = $_POST['pass'];

$mysqluser = ereg_replace("_", "\_", $user);
$query = "SELECT password FROM users WHERE username LIKE BINARY '$mysqluser'";
$result = mysql_query($query) or die("Error: ".mysql_error());
$row = mysql_fetch_array($result, MYSQL_NUM);
$foundpass = $row[0];


if ($foundpass == $pass) {
setcookie("FAPusername", $user);
setcookie("FAPpassword", sha1($foundpass));
$user = $_COOKIE['FAPusername'];
$pass = $_COOKIE['FAPpassword'];
}

$query = "SELECT * FROM users WHERE username='$user'";
$result = mysql_query($query) or die("Error: ".mysql_error());
$info = array();
$info = mysql_fetch_array($result, MYSQL_NUM);
$original = array();
$original = $info;

if (sha1($info[2]) != $pass) {
    mysql_close();
    die("<br><br><center><body bgcolor='#FFFFFF'><b><font face='Verdana' size='2pt'>Your username cannot be found or password doesnt match</font></b></center></body></html>");
}

?>

Hi guys,

I'm currently in the process of creating a login form. I'm using PHP to check a simple text file called 'users.txt' for the username and password which has been entered in the form.

If the username and password are NOT in the 'users.txt' file, it will create them on a new line.
Like so:

Users.txt
Code: [Select]
ExampleUser,ExamplePass\n
Marc,password
Craig,password
John,password

Once I try to log into an account which is NOT there, it will create an account underneath. So if I try to log in with username as "Matthew" and password as "password" it will show like so:

Code: [Select]
ExampleUser,ExamplePass\n
Marc,password
Craig,password
John,password
Matthew,password

Hoping this makes sense so far, all of the above works.
However when I click back, to go back onto the login form, I try to log in with one of the usernames/passwords in the 'users.txt' file, and it will create the exact same user on a new line, so I have 2 of the same usernames/passwords.

What I want it to do it, if the username is in the 'users.txt' file, for it to display a message saying "Congratulations you're logged in".

Here is the code for the PHP login page.

P4 LoginScriptFile.php
Code: [Select]
<?php
//This checks for required fields from the form.
if ((!$_POST[username]) || (!$_POST[password]))
{
header("Location: P4 LoginForm.php");
exit;
}

//This reads values from the form.
$form_user = $_POST[username];
$form_password = $_POST[password];

$flag = FALSE;
$filename = "users.txt";
$fp = fopen( $filename, "r" ) or die ("Couldn't open $filename");
while ( ! feof( $fp ) ) {
$line = fgets( $fp);
$user = strtok($line, ","); //Username
$password = strtok(","); //Password
if (($form_user == $user) && ($form_password == $password)) 
{
$flag = TRUE;
}
}

if ($flag)
{
echo "<br>Congratulations, you're logged in";
}

else{
$filename = "users.txt";
$updateuser = $_POST ['username'];
$updatepass = $_POST ['password'];

$fp = fopen( $filename, "a" ) or die("Couldn't open $filename");
fwrite( $fp, "$updateuser,$updatepass\n") or die ("Couldn't write values to your file!");
fclose( $fp );
echo "<br>An account has been created for you!";
}
?>

I think what I need is to read the file once the new user has been created. Any help would be greatly appreciated.
Thanks in advance for any help.
gixxx

Hello, guys i hope you will help me with this cause i'm a complete newbie.
First 2 words about the goal :
I want to make a PHP script to autologin in one webpage and to get statistics in every 2 minutes. The account is mine so i dont want to scam or anything , just want to automate it cause this info i need in realtime, and refreshed often.
The page login page code looks like this :

Code: [Select]
<dl>
                    <dt>Username:</dt>
                    <dd><input type="text" name="user" size="20" value="" class="input_text" /></dd>
                    <dt>Password:</dt>
                    <dd><input type="password" name="passwrd" value="" size="20" class="input_password" /></dd>
                </dl>
                <dl>
                    <dt>Minutes to stay logged in:</dt>

                    <dd><input type="text" name="cookielength" size="4" maxlength="4" value="60" class="input_text" /></dd>
                    <dt>Always stay logged in:</dt>
                    <dd><input type="checkbox" name="cookieneverexp" class="input_check" onclick="this.form.cookielength.disabled = this.checked;" /></dd>
                </dl>
                <p><input type="submit" value="Login" class="button_submit" /></p>
and i try login like that :



Code: [Select]
$_login_url = 'URL of the login'; // url to login :)
$_user = 'myusername'; // username for login
$_pass = 'mypass'; // password..
$start = microtime(true);
    file_get_contents(
    $_login_url,
    false,
    stream_context_create(
        array(
          'http' => array(
            'method'  => 'POST',
            'header'  => 'Content-type: application/x-www-form-urlencoded',
            'content' => http_build_query(
            array(
                'user' => $_user,
                'passwrd' => $_pass,
                'cookielength' => '-1',
    //what here ???? 'Login',
               &nbsp;)
              ),
            )
          )
        )
    );
   
      $search['from'] = 'Set-Cookie: ';
      $search['to'] = ';';
      $cookie = array();
//the problem is that i cant login to go to the statistics page, cause site requires login for view.

Right I'm going to try and explain what i'm trying to do and i'll post the code i have at the bottom.  Whatever I do I seem to get a new error and I can't get any closer to getting the script right!!!  I give up myself.  There's only so much one man can take!!!!!!!

I have a database with two table.   

Members
owners

Both tables have the same fields for the login section!
username
password (stored in md5 format)
access_level


Now I'm trying to make a script that selects both tables and finds the username.  then checks that the md5 of the password entered into the field is equal to the stored md5 password in the database.

if details are correct it sends the person to the correct page while updating a table called mem_logins with the email of the user loging in as a feild along with the time,
If there is no account at all it sends them to the create account page,
if the access level is equal to 1 or 50 it sends them to the check_email.php

Now I'm very new to php and therefore have most certainly written the script wrong.  I have been tryig to sort the errors for days and now, have given up.  Can anyone help?  Here is the code as it stands and at the minute im getting this error.....

mysql_num_rows(): supplied argument is not a valid MySQL result resource in site on line 11

<?php
include('Connections/YA1.php');
session_start();

?>
<?php
if(isset($_POST['submit3'])) {

$qCheckUserInfo = "SELECT * FROM Members, owners WHERE username='".mysql_real_escape_string($_POST['username3'])."'";
$rCheckUserInfo = mysql_query($qCheckUserInfo);
$numUsers = mysql_num_rows($rCheckUserInfo);

if($numUsers == 0) {
$message = "Incorrect login details";
$success = 0;
}
else {
$userInfo = mysql_fetch_array($rCheckUserInfo);
$password = $userInfo['password'];
$email = $userInfo ['email'];
if($password == md5($_POST['password3'])) {
$success = 1;
$_SESSION['logged'] = 1;
$_SESSION['club_id'] = $userInfo['club_id'];
$_SESSION['username'] = $userInfo['username'];
$today = date("Y-m-d h:m:s");




if($_SESSION['access_level'] == 1) {

 $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
 mysql_query($sql) or die ("could not execute insert.");
 
header('Location: check_email.php');
}
else if($_SESSION['access_level'] == 2) {
 $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
 mysql_query($sql) or die ("could not execute insert.");
 
header('Location: members/index.php');
}
else if($_SESSION['access_level'] ==50) {
 $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
 mysql_query($sql) or die ("could not execute insert.");
 
header('Location: check_email.php');
}
else if($_SESSION['access_level'] == 51) {
  $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
 mysql_query($sql) or die ("could not execute insert.");
 
header('Location: clubs/index.php');
}
else if($_SESSION['access_level'] == 99) {
  $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
 mysql_query($sql) or die ("could not execute insert.");
 
header('Location: admin/D/index.php');
}
}
else {
$message = "Incorrect login details";
$success = 0;
}
}

}
?>

<body>
<div id="wrapper">
<div id="title_box">
  <div id="logo"><img src="image/your_arena.jpg" /></div>
  <div id="login_box">
  <?php if($success==0) {
echo $message;
}
else {
echo '&nbsp;';
} ?>
              <?php
if($success != 1 && !($_SESSION['logged'])) {
?><?php

?>
  <form   METHOD="POST" name="login_form" class="black_text" id="login_form">
  <table width="252" border="0" align="right" cellpadding="0" cellspacing="5" id="login_tab">
  <tr>
    <td width="84"><div align="left">Username:</div></td>
    <td><input name="username3" type="text" class="form_fields" value="<?php echo $_POST['username3']; ?>" id="username3" tabindex="1" /></td>
  </tr>
  <tr>
    <td><div align="left">Password:</div></td>
    <td><input name="password3" type="password" class="form_fields" id="password3" tabindex="2" /></td>
  </tr>
  <tr>
    <td colspan="2"></td>
    </tr>
  <tr>
    <td colspan="2" class="forgotten_pass"><div align="right">Forgotten your password?</div></td>
  </tr>
  <tr>
    <td height="24"><div align="left"></div></td>
    <td><div align="right">
      <input name="submit3" type="submit" id="submit3" tabindex="3" value="Login" />
    </div></td>
  </tr>
</table>

   <?php
} //end fail if
?>
  </form>
  </div>
</div>
<?php include('nav.php');?>


<div id="test">main page </div>

<?php include('footer.php');?>
</div>
</body>
</html>

I must be losing my marbles on this one:

I have a standard login form that queries my MySQL database for user info, but the problem doesn't even get that far.

Here's the form:
Code: [Select]
<div id="login_form">
<form action="access/" method="post">
<input type="text" name="username" class="username" /><br>
<input type="password" name="password" class="password" /><br>
<input type="submit" class="submit" value="">
</form>
</div>

Then the backend:

<?php
    echo '<pre>';
    print_r($_POST);
    echo '</pre>';

    //The rest of the validation is beyond here...
?>


Lets say in the db I have username = 'test' and password = 'test1234', when I enter the correct username and password the POST array displays blank:
Code: [Select]
array
 (
)

So then, I enter another entry, lets say I enter username = 'test' and password = 'test2468', but the mysql stays the same:
I get this:
Code: [Select]
array(
    [username] => test
    [password] => test2468
}

So then, because at this point i'm 98% sure i've lost my mind I go in and change the password in the DB to match the new entry.
So now mysql db says username = 'test' and password = 'test2468'
I try using that info again and voila:
Code: [Select]
array
(
)

Has anyone run into something similar to this, the info is not interacting with the database in any way at this point, yet it seems to be affecting it.

Thanks for any help you can offer, and for not thinking i'm crazy

E