Index
 |
Step By Step: Login System | ||
Discussion by Impious with 6 Replies.
Last Update: July 31, 2007, 6:39 am | |||
 |
|||
Making a simple login system. (Step by step)
Creating the configuration file:
1st Step - Open the notepad. After puting the tag "<?php"(without quotes) write this:
$user = 'USER NAME OF YOUR MYSQL ACCOUNT';
$pass = 'PASSWORD OF YOUR MYSQL ACCOUNT';
$link = mysql_connect($server,$user,$pass);
$base = 'DATABASE NAME';
$table = 'TABLE NAME';
2nd Step - close the php code with: "?>"
3rd Step - save the file with the name "config.php"
Creating the database installation file:
1st Step - Open the notepad. After puting the tag "<?php"(without quotes) write this:
/* 02 */ mysql_select_db($base,$link);
/* 03 */ $install = mysql_query("
/* 04 */ CREATE TABLE $table (
/* 05 */ id int(255) NOT NULL auto_increment,
/* 06 */ login varchar(200) NOT NULL default '',
/* 07 */ password varchar(200) NOT NULL default '',
/* 08 */ email varchar(200) NOT NULL default '',
/* 09 */ date DATE NOT NULL default '0000-00-00',
/* 10 */ time TIME NOT NULL default '00:00:00',
/* 11 */ PRIMARY KEY (id)
/* 12 */ ) TYPE=MyISAM;") or die("Wrong to create: $table <br>".mysql_error());
/* 13 */ $insertTest=mysql_query("INSERT INTO $table (id,login,password,email,date,time) VALUES
('','test','dGVzdGU=','t-traders@hotmail.com','2007/07/05','14:04:23')");
if($install)
{
/* 14 */ print("Instalation complete! Destroy the file install.php to the system run perfectly!");
}
else
{
/* 15 */ print("Error! Verify if the file config.php is configured!");
}
?>
Explanation
line____________explanation
01 request the configuration file(config.php)
02 mysql command: open the database (DATABASE NAME, mysql_connect('YOUR MYSQL SERVER','YOUR MYSQL ACCOUNT NAME','YOUR MYSQL PASSWORD');
03 all variables starts with '$' on php, thats a example of one($install)
04 mysql command: create a table on mysql database with the name 'TABLE NAME' ($table)
05 mysql command: insert a field with the name: "id", this is using the auto_increment option, this auto complete the field when added any base
06 mysql command: insert a login field
07 mysql command: insert a password field
08 mysql command: insert a email field
09 mysql command: insert a date field with '0000-00-00' as default
10 mysql command: insert a time field with '00:00:00' as default
11 mysql command: set "id' as primary key of the table
12 mysql command: if have anything wrong and it cant add a table to the database this write the msg with the error
13 mysql command: insert test bases
14 if the script runs OK the msg "Instalation complete! Destroy the file install.php to the system run perfectly!" is show
15 if this not work shows the msg "Error! Verify if the file config.php is configured!"
2nd Step - Save the file with the name: install.php
3rd Step - Upload the files: config.php and install.php . Execute the install.php.
4th Step - Delete the file "install.php".
Creating the Registration Form:
1st Step - Create a table like this:
$m is the varible that shows the error message like: "Invalid E-mail"
$loginvalue is the value of the gap "login"(its for when anything is wrong the user dont have to write all gaps again
$emailvalue is like the loginvalue
$code is a random code antibots
the table contains a login gap; a password gap; an e-mail gap and an antibot gap
/* 02 */ <form action="register.php" method="post">
<tbody>
/* 03 */ <tr>
/* 04 */ <font color="#ff0000" size="2"><strong><?= $m ?></strong></font>
/* 05 */ </tr>
<tr>
<td style="width: 60px;">Login:</td>
/* 06 */ <td style="width: 649px;"><input name="login" type="text" value="<?= $loginvalue ?>"></td>
</tr>
<tr>
<td style="width: 60px;">Password:</td>
/* 07 */ <td style="width: 649px;"><input name="password" type="password"></td>
</tr>
<tr>
<td style="width: 60px;">Email:</td>
/* 08 */ <td style="width: 649px;"><input name="email" type="text" value="<?= $emailvalue ?>"></td>
</tr>
<tr>
<td style="width: 60px;">Code:</td>
<td style="width: 649px;">
/* 09 */ <font color="#6633cc" face="Tahoma" size="2"><strong><?= $code ?></strong></font><font color="#6633cc" face="Tahoma" size="2">
<input name="code" size="4" maxlength="4" type="text"></font></td>
</tr>
<tr>
<td style="width: 60px;"> <input name="correct_code" value="<?= $code ?>" type="hidden">
/* 10 */ <input name="Submit" value="Submit!" type="submit"></td>
<td style="width: 649px;"></td>
</tr>
</tbody>
/* 11 */ </form>
/* 12 */</table>
Explanation
line____________explanation
01 open a table with this characteristics: align text on left, width size = 100% of the page, none border, cellpadding or cellspacing
02 open a form thats send informations to register.php with the post method
03 <tr> represents rows
04 show the error msg, if exists
05 close this row
06 <td> represents cols, on this col have a login gap with text type
07 password gap, password type is those that transform all character in **************
08 email gap
09 shows the generated random code(antibot system)
10 submit the of information of this gaps to register.php
11 close this form
12 close this table
2nd Step - placing the table on php code:
Create a file and rename to index.php. Place this:
srand((double)microtime()*1000000);
/* 01 */$code=rand(1000, 5000);
/* 02 */$msg = $_GET['msg'];
/* 03 */$m=base64_decode($msg);
/* 04 */$evalue = $_GET['evalue'];
/* 05 */$lvalue = $_GET['lvalue'];
/* 06 */$emailvalue=base64_decode($evalue);
/* 07 */$loginvalue=base64_decode($lvalue);
?>
/* 08 */ <table style="text-align: left; width: 100%;" border="0" cellpadding="0" cellspacing="0">
/* 09 */ <form action="register.php" method="post">
<tbody>
/* 10 */ <tr>
/* 11 */ <font color="#ff0000" size="2"><strong><?= $m ?></strong></font>
/* 12 */ </tr>
<tr>
/* 13 */ <td style="width: 60px;">Login:</td>
/* 14 */ <td style="width: 649px;"><input name="login" type="text" value="<?= $loginvalue ?>"></td>
</tr>
<tr>
/* 15 */ <td style="width: 60px;">Password:</td>
/* 16 */ <td style="width: 649px;"><input name="password" type="password"></td>
</tr>
<tr>
/* 17 */ <td style="width: 60px;">Email:</td>
/* 18 */ <td style="width: 649px;"><input name="email"
type="text" value="<?= $emailvalue ?>"></td>
</tr>
<tr>
/* 19 */ <td style="width: 60px;">Code:</td>
<td style="width: 649px;">
/* 20 */ <font color="#6633cc" face="Tahoma" size="2"><strong><?= $code ?></strong></font><font color="#6633cc" face="Tahoma" size="2">
/* 21 */ <input name="code" size="4" maxlength="4" type="text"></font></td>
</tr>
<tr>
/* 22 */ <td style="width: 60px;"> <input name="correct_code" value="<?= $code ?>" type="hidden">
/* 23 */ <input name="Submit" value="Submit!" type="submit"></td>
<td style="width: 649px;"></td>
</tr>
</tbody>
/* 24 */ </form>
/* 25 */</table>
Explanation
line____________explanation
01 defines a variable with a code randomized between 1000 and 5000. thats for the antibot system
02 $_GET[] is a sintax that get a information in GET method, thats spefied by the clasps inside. in this example this gets the information sent by 'msg'.
03 base64_decode() decodes values encodeds using base64[to encode use base64_encode()] this decodes the information sent by form with GET method, got by $msg
04 $_GET[] is a sintax that get a information in GET method, thats spefied by the clasps inside. in this example this gets the information sent by 'evalue'.
05 $_GET[] is a sintax that get a information in GET method, thats spefied by the clasps inside. in this example this gets the information sent by 'lvalue'.
06 base64_decode() decodes values encodeds using base64[to encode use base64_encode()] this decodes the information sent by form with GET method, got by $evalue
07 base64_decode() decodes values encodeds using base64[to encode use base64_encode()] this decodes the information sent by form with GET method, got by $lvalue
08 open a table with this characteristics: align text on left, width size = 100% of the page, none border, cellpadding or cellspacing
09 open a form thats send informations to register.php with the post method
10 <tr> represents rows
11 show the error msg, if exists
12 close this row
13 thats the label(login:) for the input <input name="login" type="text" value="<?= $loginvalue ?>">
14 login gap.. the value is to when have any error this returns to this forms and show the information previously typed.. thir shows the login typed.. got by $_GET['lvalue'] and decoded by $loginvalue=base64_decode($lvalue); (7th line)
15 "password:" label for the input: <input name="password" type="password">
16 password gaps (with the type: password, thats transforms all characters in ***********)
17 "email:" for <input name="email" type="text" value="<?= $emailvalue ?>">
18 email gap.. the value is to when have any error this returns to this forms and show the information previously typed.. thir shows the email typed.. got by $_GET['evalue'] and decoded by $emailvalue=base64_decode($evalue); (8th line)
19 "code:" label for <?= $code ?> and <input name="code" size="4" maxlength="4" type="text">
20 shows the code randomized for antibot system.. with #6633cc color, Tahoma face and size 2
21 thats the gap to the user type the code showed before
22 sends the correct code, to compare with the code typed
23 submit gap, sends all this information typed by the user
24 close this form
25 close this table
Save this file.
3rd Step - Validating the antibot code. Create a document with the name "register.php" and place this:
$login = $_POST['login']; /* geting the login */
$password = $_POST['password']; /* geting the password */
$code = $_POST['code']; /* geting the code */
$email = $_POST['email']; /* geting the email */
$correct_code = $_POST['correct_code']; /* geting the correct code */
if(!empty($code)){ /* looking if the code was written */
/* looking if the code is correct */
if($code == $correct_code){
$l = base64_encode($login);
$s = base64_encode($password);
$e = base64_encode($email);
header("Location: register2.php?l=$l&s=$s&e=$e"); /* here the code is right and the registration is being redirecting */
}
else{
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
$m = base64_encode("Invalid Code!");
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");}
}else{
$m = base64_encode("Write the code!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
}
?>
4th Step - Filtering the informations. Create a file with the name "register2.php" and write this:
include ("config.php");
mysql_select_db($base,$link);
$e = $_GET['e'];
$l = $_GET['l'];
$s = $_GET['s'];
$email = base64_decode($e);
$login = base64_decode($l);
$password = base64_decode($s);
$pattern2 = "([0-9_A-Z_a-z])+[-_,_._>_<_~_^_/_?_°_\_|_!_¹_²_³_£_¢_¬_§_º_@_#_%_¨_&_*_+_}_*_'_]";
/* filtering characters on login */
if(ereg($pattern2,$login) == true)
{
$m = base64_encode("Login contains invalid characters!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$pattern2 = "([0-9_A-Z_a-z])+[-_,_._>_<_~_^_/_?_°_\_|_!_¹_²_³_£_¢_¬_§_º_@_#_%_¨_&_*_+_}_*_'_]";
/* filtering characters on password */
if(ereg($pattern2,$password) == true)
{
$m = base64_encode("Password contains invalid characters!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$pattern3 = "([0-9_A-Z_a-z])+[,><~^/?°\|!¹²³£¢¬§º#%¨&*+}*']";
/* filtering characters on email */
if(ereg($pattern3,$email) == true)
{
$m = base64_encode("E-mail contains invalid characters!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
/* looking if e-mail is valid */
if (!(strpos($email,"@")) OR strpos($email,"@") != strrpos($email,"@"))
{
$m = base64_encode("Invalid E-mail!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
/* looking if the password have more than 6 characters */
if(strlen($password) < 6)
{
$m = base64_encode("Your password must contain at least 6 characters !");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
/* looking if the password have more than 3 characters */
if(strlen($login) < 3)
{
$m = base64_encode("Your login must contain at least 6 characters !");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$sql=mysql_query("SELECT login FROM $table WHERE login='$login'");
/* looking if the login exists */
if(mysql_num_rows($sql)>0){
$m = base64_encode("Existing user!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$sql1=mysql_query("SELECT login FROM $table WHERE email='$email'");
/* looking if the email exists */
if(mysql_num_rows($sql)>0){
$m = base64_encode("Registered email already!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
else{
$c_password1= base64_encode($password);
$date= date("Y/m/d");
$hour= date("H:i:s");
mysql_query("
INSERT INTO `$table` ( `id` , `login` , `password` , `email` , `date` , `time` )
VALUES (
'', '$login', '$c_password1', '$email', '$date', '$hour'
)") OR die("Error at open database!");
$m = base64_encode("Registration completed. Now you can log in!");
header("Location: login.php?msg=$m");
exit;
}
mysql_close($link);
?>
Creating a Login form:
1st Step: Create a file with this name: login.php, and write this:
include ("config.php");
$msg = $_GET['msg'];
$m = base64_decode("$msg");
$lvalue = $_GET['lvalue'];
$loginvalue = base64_decode("$lvalue");
$loginenc = base64_encode("login");
$passwordenc = base64_encode("password");
$login1 = @$_COOKIE['$loginenc'];
$password1 = @$_COOKIE['$passwordenc'];
$logout = base64_encode("logout");
mysql_select_db($base,$link);
$sql5 = "SELECT * FROM $table WHERE login='$login1'";
$result = mysql_query($sql5);
$row = mysql_fetch_assoc($result);
$get_login = $row['login'];
$v_password = $row['password'];
$get_password = base64_decode("$v_password");
$sql1=mysql_query("SELECT login FROM $table WHERE login='$login1'");
/* verifying if the user is already log in */
if(mysql_num_rows($sql1)>0){
if($password1 == $get_password && $get_login == $login1){
?> <center>Welcome, <?= $login1 ?><a href="login2.php?action=<?= $logout ?>"> Logout</a><br><br> put here the user page <?
exit;
}
}
/* if the user arent logged in, open the login form */
else{
?>
<table align="center" style="text-align: center;" border="0"
cellpadding="0" cellspacing="0">
<form action="login2.php?action=<?= $loginenc ?>" method="post">
<tbody>
<tr>
<td colspan="2" rowspan="1"><font color="#CC0033" size="2"><strong>
<?= $m ?><br><br></strong></td>
</tr>
<tr>
<td style="width: 60px;">Login:</td>
<td><input class=field name="login" type="text" value="<?= $loginvalue ?>"></td>
</tr>
<tr>
<td style="width: 60px;">Password:</td>
<td><input class=field name="password" type="password"></td>
</tr>
<tr>
<td style="width: 60px;"></td>
<td><input class=bottom name="Submit" value="Log in!" type="submit"></td>
</tr>
</tbody>
</table>
</form>
<?
}
mysql_close($link);
?>
2nd Step: Create a file with the name: login2.php, and write this:
include ("config.php");
$get_login = $_POST['login'];
$get_password = $_POST['password'];
$get_action = $_GET['action'];
$loginenc = base64_encode("login");
$passwordenc = base64_encode("password");
mysql_select_db($base,$link);
$sql5 = "SELECT * FROM $table WHERE login='$get_login'";
$result = mysql_query($sql5);
$row = mysql_fetch_assoc($result);
$ver_login = $row['login'];
$v_password = $row['password'];
$get_password2 = base64_decode("$v_password");
/* loging out */
$logout = base64_encode("logout");
if($get_action == $logout){
setcookie('$loginenc',00);
setcookie('$passwordenc',00);
header('Location: login.php');
}
if($get_action == $loginenc){
$pattern2 = "([0-9_A-Z_a-z])+[-_,_._>_<_~_^_/_?_°_\_|_!_¹_²_³_£_¢_¬_§_º_@_#_%_¨_&_*_+_}_*_'_]";
if(ereg($pattern2,$get_login) == true || ereg($pattern2,$get_password) == true)
{
$m = base64_encode("Login ou password incorreto!");
header("Location: login.php?msg=$m");
exit;
}
/* if the password is valid to this login set a cookie with this information */
if($get_password2 == $get_password){
setcookie('$loginenc',$get_login);
setcookie('$passwordenc',$get_password);
header("Location: login.php");
exit;
}
else{
$m = base64_encode("Login ou password incorreto!");
header("Location: login.php?msg=$m");
}
}
mysql_free_result($result);
mysql_close($link);
?>
Finishing: up this files and test the system.
Sorry if anything is wrong or incomplete, this is my first tutorial.. if anything is wrong please post here and if is possible with the fix xD
Yours Impious
Creating the configuration file:
1st Step - Open the notepad. After puting the tag "<?php"(without quotes) write this:
CODE
$server = 'PUT HERE THE URL OF YOUR MYSQL SERVER';$user = 'USER NAME OF YOUR MYSQL ACCOUNT';
$pass = 'PASSWORD OF YOUR MYSQL ACCOUNT';
$link = mysql_connect($server,$user,$pass);
$base = 'DATABASE NAME';
$table = 'TABLE NAME';
2nd Step - close the php code with: "?>"
3rd Step - save the file with the name "config.php"
Creating the database installation file:
1st Step - Open the notepad. After puting the tag "<?php"(without quotes) write this:
CODE
/* 01 */ include ("config.php");/* 02 */ mysql_select_db($base,$link);
/* 03 */ $install = mysql_query("
/* 04 */ CREATE TABLE $table (
/* 05 */ id int(255) NOT NULL auto_increment,
/* 06 */ login varchar(200) NOT NULL default '',
/* 07 */ password varchar(200) NOT NULL default '',
/* 08 */ email varchar(200) NOT NULL default '',
/* 09 */ date DATE NOT NULL default '0000-00-00',
/* 10 */ time TIME NOT NULL default '00:00:00',
/* 11 */ PRIMARY KEY (id)
/* 12 */ ) TYPE=MyISAM;") or die("Wrong to create: $table <br>".mysql_error());
/* 13 */ $insertTest=mysql_query("INSERT INTO $table (id,login,password,email,date,time) VALUES
('','test','dGVzdGU=','t-traders@hotmail.com','2007/07/05','14:04:23')");
if($install)
{
/* 14 */ print("Instalation complete! Destroy the file install.php to the system run perfectly!");
}
else
{
/* 15 */ print("Error! Verify if the file config.php is configured!");
}
?>
Explanation
line____________explanation
01 request the configuration file(config.php)
02 mysql command: open the database (DATABASE NAME, mysql_connect('YOUR MYSQL SERVER','YOUR MYSQL ACCOUNT NAME','YOUR MYSQL PASSWORD');
03 all variables starts with '$' on php, thats a example of one($install)
04 mysql command: create a table on mysql database with the name 'TABLE NAME' ($table)
05 mysql command: insert a field with the name: "id", this is using the auto_increment option, this auto complete the field when added any base
06 mysql command: insert a login field
07 mysql command: insert a password field
08 mysql command: insert a email field
09 mysql command: insert a date field with '0000-00-00' as default
10 mysql command: insert a time field with '00:00:00' as default
11 mysql command: set "id' as primary key of the table
12 mysql command: if have anything wrong and it cant add a table to the database this write the msg with the error
13 mysql command: insert test bases
14 if the script runs OK the msg "Instalation complete! Destroy the file install.php to the system run perfectly!" is show
15 if this not work shows the msg "Error! Verify if the file config.php is configured!"
2nd Step - Save the file with the name: install.php
3rd Step - Upload the files: config.php and install.php . Execute the install.php.
4th Step - Delete the file "install.php".
Creating the Registration Form:
1st Step - Create a table like this:
$m is the varible that shows the error message like: "Invalid E-mail"
$loginvalue is the value of the gap "login"(its for when anything is wrong the user dont have to write all gaps again
$emailvalue is like the loginvalue
$code is a random code antibots
the table contains a login gap; a password gap; an e-mail gap and an antibot gap
CODE
/* 01 */<table style="text-align: left; width: 100%;" border="0" cellpadding="0" cellspacing="0">/* 02 */ <form action="register.php" method="post">
<tbody>
/* 03 */ <tr>
/* 04 */ <font color="#ff0000" size="2"><strong><?= $m ?></strong></font>
/* 05 */ </tr>
<tr>
<td style="width: 60px;">Login:</td>
/* 06 */ <td style="width: 649px;"><input name="login" type="text" value="<?= $loginvalue ?>"></td>
</tr>
<tr>
<td style="width: 60px;">Password:</td>
/* 07 */ <td style="width: 649px;"><input name="password" type="password"></td>
</tr>
<tr>
<td style="width: 60px;">Email:</td>
/* 08 */ <td style="width: 649px;"><input name="email" type="text" value="<?= $emailvalue ?>"></td>
</tr>
<tr>
<td style="width: 60px;">Code:</td>
<td style="width: 649px;">
/* 09 */ <font color="#6633cc" face="Tahoma" size="2"><strong><?= $code ?></strong></font><font color="#6633cc" face="Tahoma" size="2">
<input name="code" size="4" maxlength="4" type="text"></font></td>
</tr>
<tr>
<td style="width: 60px;"> <input name="correct_code" value="<?= $code ?>" type="hidden">
/* 10 */ <input name="Submit" value="Submit!" type="submit"></td>
<td style="width: 649px;"></td>
</tr>
</tbody>
/* 11 */ </form>
/* 12 */</table>
Explanation
line____________explanation
01 open a table with this characteristics: align text on left, width size = 100% of the page, none border, cellpadding or cellspacing
02 open a form thats send informations to register.php with the post method
03 <tr> represents rows
04 show the error msg, if exists
05 close this row
06 <td> represents cols, on this col have a login gap with text type
07 password gap, password type is those that transform all character in **************
08 email gap
09 shows the generated random code(antibot system)
10 submit the of information of this gaps to register.php
11 close this form
12 close this table
2nd Step - placing the table on php code:
Create a file and rename to index.php. Place this:
CODE
<?phpsrand((double)microtime()*1000000);
/* 01 */$code=rand(1000, 5000);
/* 02 */$msg = $_GET['msg'];
/* 03 */$m=base64_decode($msg);
/* 04 */$evalue = $_GET['evalue'];
/* 05 */$lvalue = $_GET['lvalue'];
/* 06 */$emailvalue=base64_decode($evalue);
/* 07 */$loginvalue=base64_decode($lvalue);
?>
/* 08 */ <table style="text-align: left; width: 100%;" border="0" cellpadding="0" cellspacing="0">
/* 09 */ <form action="register.php" method="post">
<tbody>
/* 10 */ <tr>
/* 11 */ <font color="#ff0000" size="2"><strong><?= $m ?></strong></font>
/* 12 */ </tr>
<tr>
/* 13 */ <td style="width: 60px;">Login:</td>
/* 14 */ <td style="width: 649px;"><input name="login" type="text" value="<?= $loginvalue ?>"></td>
</tr>
<tr>
/* 15 */ <td style="width: 60px;">Password:</td>
/* 16 */ <td style="width: 649px;"><input name="password" type="password"></td>
</tr>
<tr>
/* 17 */ <td style="width: 60px;">Email:</td>
/* 18 */ <td style="width: 649px;"><input name="email"
type="text" value="<?= $emailvalue ?>"></td>
</tr>
<tr>
/* 19 */ <td style="width: 60px;">Code:</td>
<td style="width: 649px;">
/* 20 */ <font color="#6633cc" face="Tahoma" size="2"><strong><?= $code ?></strong></font><font color="#6633cc" face="Tahoma" size="2">
/* 21 */ <input name="code" size="4" maxlength="4" type="text"></font></td>
</tr>
<tr>
/* 22 */ <td style="width: 60px;"> <input name="correct_code" value="<?= $code ?>" type="hidden">
/* 23 */ <input name="Submit" value="Submit!" type="submit"></td>
<td style="width: 649px;"></td>
</tr>
</tbody>
/* 24 */ </form>
/* 25 */</table>
Explanation
line____________explanation
01 defines a variable with a code randomized between 1000 and 5000. thats for the antibot system
02 $_GET[] is a sintax that get a information in GET method, thats spefied by the clasps inside. in this example this gets the information sent by 'msg'.
03 base64_decode() decodes values encodeds using base64[to encode use base64_encode()] this decodes the information sent by form with GET method, got by $msg
04 $_GET[] is a sintax that get a information in GET method, thats spefied by the clasps inside. in this example this gets the information sent by 'evalue'.
05 $_GET[] is a sintax that get a information in GET method, thats spefied by the clasps inside. in this example this gets the information sent by 'lvalue'.
06 base64_decode() decodes values encodeds using base64[to encode use base64_encode()] this decodes the information sent by form with GET method, got by $evalue
07 base64_decode() decodes values encodeds using base64[to encode use base64_encode()] this decodes the information sent by form with GET method, got by $lvalue
08 open a table with this characteristics: align text on left, width size = 100% of the page, none border, cellpadding or cellspacing
09 open a form thats send informations to register.php with the post method
10 <tr> represents rows
11 show the error msg, if exists
12 close this row
13 thats the label(login:) for the input <input name="login" type="text" value="<?= $loginvalue ?>">
14 login gap.. the value is to when have any error this returns to this forms and show the information previously typed.. thir shows the login typed.. got by $_GET['lvalue'] and decoded by $loginvalue=base64_decode($lvalue); (7th line)
15 "password:" label for the input: <input name="password" type="password">
16 password gaps (with the type: password, thats transforms all characters in ***********)
17 "email:" for <input name="email" type="text" value="<?= $emailvalue ?>">
18 email gap.. the value is to when have any error this returns to this forms and show the information previously typed.. thir shows the email typed.. got by $_GET['evalue'] and decoded by $emailvalue=base64_decode($evalue); (8th line)
19 "code:" label for <?= $code ?> and <input name="code" size="4" maxlength="4" type="text">
20 shows the code randomized for antibot system.. with #6633cc color, Tahoma face and size 2
21 thats the gap to the user type the code showed before
22 sends the correct code, to compare with the code typed
23 submit gap, sends all this information typed by the user
24 close this form
25 close this table
Save this file.
3rd Step - Validating the antibot code. Create a document with the name "register.php" and place this:
CODE
<?php$login = $_POST['login']; /* geting the login */
$password = $_POST['password']; /* geting the password */
$code = $_POST['code']; /* geting the code */
$email = $_POST['email']; /* geting the email */
$correct_code = $_POST['correct_code']; /* geting the correct code */
if(!empty($code)){ /* looking if the code was written */
/* looking if the code is correct */
if($code == $correct_code){
$l = base64_encode($login);
$s = base64_encode($password);
$e = base64_encode($email);
header("Location: register2.php?l=$l&s=$s&e=$e"); /* here the code is right and the registration is being redirecting */
}
else{
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
$m = base64_encode("Invalid Code!");
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");}
}else{
$m = base64_encode("Write the code!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
}
?>
4th Step - Filtering the informations. Create a file with the name "register2.php" and write this:
CODE
<?phpinclude ("config.php");
mysql_select_db($base,$link);
$e = $_GET['e'];
$l = $_GET['l'];
$s = $_GET['s'];
$email = base64_decode($e);
$login = base64_decode($l);
$password = base64_decode($s);
$pattern2 = "([0-9_A-Z_a-z])+[-_,_._>_<_~_^_/_?_°_\_|_!_¹_²_³_£_¢_¬_§_º_@_#_%_¨_&_*_+_}_*_'_]";
/* filtering characters on login */
if(ereg($pattern2,$login) == true)
{
$m = base64_encode("Login contains invalid characters!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$pattern2 = "([0-9_A-Z_a-z])+[-_,_._>_<_~_^_/_?_°_\_|_!_¹_²_³_£_¢_¬_§_º_@_#_%_¨_&_*_+_}_*_'_]";
/* filtering characters on password */
if(ereg($pattern2,$password) == true)
{
$m = base64_encode("Password contains invalid characters!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$pattern3 = "([0-9_A-Z_a-z])+[,><~^/?°\|!¹²³£¢¬§º#%¨&*+}*']";
/* filtering characters on email */
if(ereg($pattern3,$email) == true)
{
$m = base64_encode("E-mail contains invalid characters!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
/* looking if e-mail is valid */
if (!(strpos($email,"@")) OR strpos($email,"@") != strrpos($email,"@"))
{
$m = base64_encode("Invalid E-mail!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
/* looking if the password have more than 6 characters */
if(strlen($password) < 6)
{
$m = base64_encode("Your password must contain at least 6 characters !");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
/* looking if the password have more than 3 characters */
if(strlen($login) < 3)
{
$m = base64_encode("Your login must contain at least 6 characters !");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$sql=mysql_query("SELECT login FROM $table WHERE login='$login'");
/* looking if the login exists */
if(mysql_num_rows($sql)>0){
$m = base64_encode("Existing user!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$sql1=mysql_query("SELECT login FROM $table WHERE email='$email'");
/* looking if the email exists */
if(mysql_num_rows($sql)>0){
$m = base64_encode("Registered email already!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
else{
$c_password1= base64_encode($password);
$date= date("Y/m/d");
$hour= date("H:i:s");
mysql_query("
INSERT INTO `$table` ( `id` , `login` , `password` , `email` , `date` , `time` )
VALUES (
'', '$login', '$c_password1', '$email', '$date', '$hour'
)") OR die("Error at open database!");
$m = base64_encode("Registration completed. Now you can log in!");
header("Location: login.php?msg=$m");
exit;
}
mysql_close($link);
?>
Creating a Login form:
1st Step: Create a file with this name: login.php, and write this:
CODE
<?phpinclude ("config.php");
$msg = $_GET['msg'];
$m = base64_decode("$msg");
$lvalue = $_GET['lvalue'];
$loginvalue = base64_decode("$lvalue");
$loginenc = base64_encode("login");
$passwordenc = base64_encode("password");
$login1 = @$_COOKIE['$loginenc'];
$password1 = @$_COOKIE['$passwordenc'];
$logout = base64_encode("logout");
mysql_select_db($base,$link);
$sql5 = "SELECT * FROM $table WHERE login='$login1'";
$result = mysql_query($sql5);
$row = mysql_fetch_assoc($result);
$get_login = $row['login'];
$v_password = $row['password'];
$get_password = base64_decode("$v_password");
$sql1=mysql_query("SELECT login FROM $table WHERE login='$login1'");
/* verifying if the user is already log in */
if(mysql_num_rows($sql1)>0){
if($password1 == $get_password && $get_login == $login1){
?> <center>Welcome, <?= $login1 ?><a href="login2.php?action=<?= $logout ?>"> Logout</a><br><br> put here the user page <?
exit;
}
}
/* if the user arent logged in, open the login form */
else{
?>
<table align="center" style="text-align: center;" border="0"
cellpadding="0" cellspacing="0">
<form action="login2.php?action=<?= $loginenc ?>" method="post">
<tbody>
<tr>
<td colspan="2" rowspan="1"><font color="#CC0033" size="2"><strong>
<?= $m ?><br><br></strong></td>
</tr>
<tr>
<td style="width: 60px;">Login:</td>
<td><input class=field name="login" type="text" value="<?= $loginvalue ?>"></td>
</tr>
<tr>
<td style="width: 60px;">Password:</td>
<td><input class=field name="password" type="password"></td>
</tr>
<tr>
<td style="width: 60px;"></td>
<td><input class=bottom name="Submit" value="Log in!" type="submit"></td>
</tr>
</tbody>
</table>
</form>
<?
}
mysql_close($link);
?>
2nd Step: Create a file with the name: login2.php, and write this:
CODE
<?phpinclude ("config.php");
$get_login = $_POST['login'];
$get_password = $_POST['password'];
$get_action = $_GET['action'];
$loginenc = base64_encode("login");
$passwordenc = base64_encode("password");
mysql_select_db($base,$link);
$sql5 = "SELECT * FROM $table WHERE login='$get_login'";
$result = mysql_query($sql5);
$row = mysql_fetch_assoc($result);
$ver_login = $row['login'];
$v_password = $row['password'];
$get_password2 = base64_decode("$v_password");
/* loging out */
$logout = base64_encode("logout");
if($get_action == $logout){
setcookie('$loginenc',00);
setcookie('$passwordenc',00);
header('Location: login.php');
}
if($get_action == $loginenc){
$pattern2 = "([0-9_A-Z_a-z])+[-_,_._>_<_~_^_/_?_°_\_|_!_¹_²_³_£_¢_¬_§_º_@_#_%_¨_&_*_+_}_*_'_]";
if(ereg($pattern2,$get_login) == true || ereg($pattern2,$get_password) == true)
{
$m = base64_encode("Login ou password incorreto!");
header("Location: login.php?msg=$m");
exit;
}
/* if the password is valid to this login set a cookie with this information */
if($get_password2 == $get_password){
setcookie('$loginenc',$get_login);
setcookie('$passwordenc',$get_password);
header("Location: login.php");
exit;
}
else{
$m = base64_encode("Login ou password incorreto!");
header("Location: login.php?msg=$m");
}
}
mysql_free_result($result);
mysql_close($link);
?>
Finishing: up this files and test the system.
Sorry if anything is wrong or incomplete, this is my first tutorial.. if anything is wrong please post here and if is possible with the fix xD
Yours Impious
Sat Jul 21, 2007 Reply New Discussion
Thanks so much for this tutorial!
ill try it soon sometime, its just what i needed, to make a members system for my website!
i hope it works, after i try it ill tell u any problems i find in it!
thanks!
ill try it soon sometime, its just what i needed, to make a members system for my website!
i hope it works, after i try it ill tell u any problems i find in it!
thanks!
Sat Jul 21, 2007 Reply New Discussion
Same here! From a quick look the code looks good, but I might have missed something! I'll try it out in a few days - when i get a moment of spare time!
-jimmy
-jimmy
Sat Jul 21, 2007 Reply New Discussion
Errors fixed:
*wrong tags
*wrong values
*wrong variables
*wrong texts
*data base errors
added attached files
*wrong tags
*wrong values
*wrong variables
*wrong texts
*data base errors
added attached files
Thu Jul 26, 2007 Reply New Discussion
Looks pretty good to me at a first glance.
Might consider expanding it, to explain some of the code for the newbies out there, maybe some of the functions etc you use?
Or perhaps just a bit more in-depth as to what each bits and bobs do.
Might consider expanding it, to explain some of the code for the newbies out there, maybe some of the functions etc you use?
Or perhaps just a bit more in-depth as to what each bits and bobs do.
Sun Jul 29, 2007 Reply New Discussion
you're right chesso.. I already was thinking on explaining the functions, etc better..
but, in the principle this post is for more experienced people and/or for who that simply want a system, without knowing necessarily as it functions..
but, i'll do this on the next week, cause im very busy now..
but, in the principle this post is for more experienced people and/or for who that simply want a system, without knowing necessarily as it functions..
but, i'll do this on the next week, cause im very busy now..
Mon Jul 30, 2007 Reply New Discussion
Nice job anyways, even without an explanation of what things do someone that knows a bit of php/mysql can easily figure out what it is and how you got it to work. This can easily be adapted to form something better as well as giving a good example of how mysql can be used to secuerly store information.
-HellFire
-HellFire
Tue Jul 31, 2007 Reply New Discussion
 |
 |
|
 |
 |
| Reply / Comment | Ask a Question? | Share / Bookmark | E-Mail a Friend |
![Oh Noes! I Deleted Internet Explorer!~[batch]](http://www.astahost.com/template/x/html//images/left.png) Oh Noes! I Deleted Internet Explorer!~[batch] (0)
|
(3) Something To Start With... I want to start programming 
|