Jump to content



Welcome to AstaHost - Dear Guest , Please Register here to get Your own website. - Ask a Question / Express Opinion / Reply w/o Sign-Up!

Toggle shoutbox Shoutbox Open the Shoutbox in a popup

@  yordan : (16 June 2013 - 05:41 PM) You're Welcome, Agyat!
@  agyat : (16 June 2013 - 07:38 AM) Thanks Yordan...
@  velma : (16 June 2013 - 12:06 AM) I Have Asked Opa To Check For A Backup.. He'll Let Me Know Soon :)
@  velma : (16 June 2013 - 12:05 AM) T_T It Seems That Someone Has Deleted That Topic Since I Found The Url Of The Topic But It Gives Me An Error
@  yordan : (15 June 2013 - 10:31 PM) @velma : It's A Tuto On How To Create A Login Program.
@  yordan : (15 June 2013 - 10:31 PM) Happy Birthday To Youuuuuu Agyat!
@  yordan : (15 June 2013 - 10:31 PM) Ba$
@  agyat : (15 June 2013 - 04:41 PM) :(
@  agyat : (15 June 2013 - 04:41 PM) Where The Hall I Were? 15Th Is Almost At End And No-One Wished Me "happy Birthday"!!!
@  velma : (14 June 2013 - 10:39 AM) Which Tutorial Is He Searching For?
@  velma : (14 June 2013 - 10:38 AM) Which Tutorial Is He Searching For?
@  yordan : (14 June 2013 - 07:47 AM) Ok, Have A Look Tomorrow.
@  yordan : (13 June 2013 - 03:19 PM) @velma, Can You Have A Look At Feelay's Problem? Seems That His Tutorial Is Not Searchable Today.
@  Feelay : (13 June 2013 - 08:11 AM) Oh, Haha
@  velma : (12 June 2013 - 05:39 PM) T_T Lately My Levels Of Procrastination..... **sigh**
@  velma : (12 June 2013 - 05:38 PM) I'll Do It Later
@  velma : (12 June 2013 - 05:38 PM) Procrastinators.. People Who Keep Saying "i'll Do This In A Bit"
@  Feelay : (12 June 2013 - 02:05 PM) Deal Punishments To What?
@  velma : (12 June 2013 - 01:27 PM) T_T We Should Deal Punishments To Procrastinators... Especially Me
@  Feelay : (12 June 2013 - 12:06 PM) As Well As Making It More Secure.

Photo
- - - - -

Step By Step: Login System

Started by Impious, Jul 21 2007 01:54 AM

6 replies to this topic

#1 Impious

Impious

    Member - Active Contributor

  • [HOSTED]
  • 78 posts

Posted 21 July 2007 - 01:54 AM

Making a simple login system. (Step by step)

Creating the configuration file:

1st Step - Open the notepad. After puting the tag "<?php"(without quotes) write this:


$server = 'PUT HERE THE URL OF YOUR MYSQL SERVER';
$user = 'USER NAME OF YOUR MYSQL ACCOUNT';
$pass = 'PASSWORD OF YOUR MYSQL ACCOUNT';
$link = mysql_connect($server,$user,$pass);
$base = 'DATABASE NAME';
$table = 'TABLE NAME';

2nd Step - close the php code with: "?>"
3rd Step - save the file with the name "config.php"

Creating the database installation file:

1st Step - Open the notepad. After puting the tag "<?php"(without quotes) write this:

/* 01 */ include ("config.php"); 
/* 02 */ mysql_select_db($base,$link);
/* 03 */ $install = mysql_query("
/* 04 */ CREATE TABLE $table (
/* 05 */   id int(255) NOT NULL auto_increment,
/* 06 */   login varchar(200) NOT NULL default '',
/* 07 */   password varchar(200) NOT NULL default '',
/* 08 */   email varchar(200) NOT NULL default '',
/* 09 */   date DATE NOT NULL default '0000-00-00',
/* 10 */   time TIME NOT NULL default '00:00:00',
/* 11 */   PRIMARY KEY (id)
/* 12 */ ) TYPE=MyISAM;") or die("Wrong to create: $table <br>".mysql_error());
/* 13 */ $insertTest=mysql_query("INSERT INTO $table (id,login,password,email,date,time) VALUES  
('','test','dGVzdGU=','t-traders@hotmail.com','2007/07/05','14:04:23')"); 
if($install)
{
/* 14 */ print("Instalation complete! Destroy the file install.php to the system run perfectly!"); 
}
else
{
/* 15 */ print("Error! Verify if the file config.php is configured!"); 
}
?>
Explanation
line____________explanation
01 request the configuration file(config.php)
02 mysql command: open the database (DATABASE NAME, mysql_connect('YOUR MYSQL SERVER','YOUR MYSQL ACCOUNT NAME','YOUR MYSQL PASSWORD');
03 all variables starts with '$' on php, thats a example of one($install)
04 mysql command: create a table on mysql database with the name 'TABLE NAME' ($table)
05 mysql command: insert a field with the name: "id", this is using the auto_increment option, this auto complete the field when added any base
06 mysql command: insert a login field
07 mysql command: insert a password field
08 mysql command: insert a email field
09 mysql command: insert a date field with '0000-00-00' as default
10 mysql command: insert a time field with '00:00:00' as default
11 mysql command: set "id' as primary key of the table
12 mysql command: if have anything wrong and it cant add a table to the database this write the msg with the error
13 mysql command: insert test bases
14 if the script runs OK the msg "Instalation complete! Destroy the file install.php to the system run perfectly!" is show
15 if this not work shows the msg "Error! Verify if the file config.php is configured!"

2nd Step - Save the file with the name: install.php
3rd Step - Upload the files: config.php and install.php . Execute the install.php.
4th Step - Delete the file "install.php".

Creating the Registration Form:
1st Step - Create a table like this:


$m is the varible that shows the error message like: "Invalid E-mail"
$loginvalue is the value of the gap "login"(its for when anything is wrong the user dont have to write all gaps again
$emailvalue is like the loginvalue
$code is a random code antibots
the table contains a login gap; a password gap; an e-mail gap and an antibot gap

/* 01 */<table style="text-align: left; width: 100%;" border="0" cellpadding="0" cellspacing="0">
/* 02 */	<form action="register.php" method="post">
	<tbody>
/* 03 */	  <tr>
/* 04 */		 <font color="#ff0000" size="2"><strong><?= $m ?></strong></font>
/* 05 */	  </tr>
	  <tr>
		<td style="width: 60px;">Login:</td>
/* 06 */		<td style="width: 649px;"><input name="login" type="text" value="<?= $loginvalue ?>"></td>
	  </tr>
	  <tr>
		<td style="width: 60px;">Password:</td>
/* 07 */		<td style="width: 649px;"><input name="password" type="password"></td>
	  </tr>
	  <tr>
		<td style="width: 60px;">Email:</td>
/* 08 */		<td style="width: 649px;"><input name="email" type="text" value="<?= $emailvalue ?>"></td>
	  </tr>
	  <tr>
		<td style="width: 60px;">Code:</td>
		<td style="width: 649px;">  
/* 09 */		<font color="#6633cc" face="Tahoma" size="2"><strong><?= $code ?></strong></font><font color="#6633cc" face="Tahoma" size="2">
	  <input name="code" size="4" maxlength="4" type="text"></font></td>
	  </tr>
	  <tr>
		<td style="width: 60px;"> <input name="correct_code" value="<?= $code ?>" type="hidden">
/* 10 */		<input name="Submit" value="Submit!" type="submit"></td>
		<td style="width: 649px;"></td>
	  </tr>
	</tbody>
/* 11 */  </form>
/* 12 */</table>

Explanation
line____________explanation
01 open a table with this characteristics: align text on left, width size = 100% of the page, none border, cellpadding or cellspacing
02 open a form thats send informations to register.php with the post method
03 <tr> represents rows
04 show the error msg, if exists
05 close this row
06 <td> represents cols, on this col have a login gap with text type
07 password gap, password type is those that transform all character in **************
08 email gap
09 shows the generated random code(antibot system)
10 submit the of information of this gaps to register.php
11 close this form
12 close this table


2nd Step - placing the table on php code:
Create a file and rename to index.php. Place this:

<?php
srand((double)microtime()*1000000); 
/* 01 */$code=rand(1000, 5000); 
/* 02 */$msg = $_GET['msg']; 
/* 03 */$m=base64_decode($msg); 
/* 04 */$evalue = $_GET['evalue']; 
/* 05 */$lvalue = $_GET['lvalue']; 
/* 06 */$emailvalue=base64_decode($evalue);  
/* 07 */$loginvalue=base64_decode($lvalue); 

?>
/* 08 */  <table style="text-align: left; width: 100%;" border="0" cellpadding="0" cellspacing="0">
/* 09 */	<form action="register.php" method="post">
	<tbody>
/* 10 */	  <tr>
/* 11 */		 <font color="#ff0000" size="2"><strong><?= $m ?></strong></font>
/* 12 */	  </tr>
	  <tr>
/* 13 */		<td style="width: 60px;">Login:</td>
/* 14 */		<td style="width: 649px;"><input name="login" type="text" value="<?= $loginvalue ?>"></td>
	  </tr>
	  <tr>
/* 15 */		<td style="width: 60px;">Password:</td>
/* 16 */		<td style="width: 649px;"><input name="password" type="password"></td>
	  </tr>
	  <tr>
/* 17 */		<td style="width: 60px;">Email:</td>
/* 18 */		<td style="width: 649px;"><input name="email"
type="text" value="<?= $emailvalue ?>"></td>
	  </tr>
	  <tr>
/* 19 */		<td style="width: 60px;">Code:</td>
		<td style="width: 649px;">  
/* 20 */		<font color="#6633cc" face="Tahoma" size="2"><strong><?= $code ?></strong></font><font color="#6633cc" face="Tahoma" size="2">
/* 21 */	  <input name="code" size="4" maxlength="4" type="text"></font></td>
	  </tr>
	  <tr>
/* 22 */		<td style="width: 60px;"> <input name="correct_code" value="<?= $code ?>" type="hidden">
/* 23 */		<input name="Submit" value="Submit!" type="submit"></td>
		<td style="width: 649px;"></td>
	  </tr>
	</tbody>
/* 24 */  </form>
/* 25 */</table>
Explanation
line____________explanation
01 defines a variable with a code randomized between 1000 and 5000. thats for the antibot system
02 $_GET[] is a sintax that get a information in GET method, thats spefied by the clasps inside. in this example this gets the information sent by 'msg'.
03 base64_decode() decodes values encodeds using base64[to encode use base64_encode()] this decodes the information sent by form with GET method, got by $msg
04 $_GET[] is a sintax that get a information in GET method, thats spefied by the clasps inside. in this example this gets the information sent by 'evalue'.
05 $_GET[] is a sintax that get a information in GET method, thats spefied by the clasps inside. in this example this gets the information sent by 'lvalue'.
06 base64_decode() decodes values encodeds using base64[to encode use base64_encode()] this decodes the information sent by form with GET method, got by $evalue
07 base64_decode() decodes values encodeds using base64[to encode use base64_encode()] this decodes the information sent by form with GET method, got by $lvalue
08 open a table with this characteristics: align text on left, width size = 100% of the page, none border, cellpadding or cellspacing
09 open a form thats send informations to register.php with the post method
10 <tr> represents rows
11 show the error msg, if exists
12 close this row
13 thats the label(login:) for the input <input name="login" type="text" value="<?= $loginvalue ?>">
14 login gap.. the value is to when have any error this returns to this forms and show the information previously typed.. thir shows the login typed.. got by $_GET['lvalue'] and decoded by $loginvalue=base64_decode($lvalue); (7th line)
15 "password:" label for the input: <input name="password" type="password">
16 password gaps (with the type: password, thats transforms all characters in ***********)
17 "email:" for <input name="email" type="text" value="<?= $emailvalue ?>">
18 email gap.. the value is to when have any error this returns to this forms and show the information previously typed.. thir shows the email typed.. got by $_GET['evalue'] and decoded by $emailvalue=base64_decode($evalue); (8th line)
19 "code:" label for <?= $code ?> and <input name="code" size="4" maxlength="4" type="text">
20 shows the code randomized for antibot system.. with #6633cc color, Tahoma face and size 2
21 thats the gap to the user type the code showed before
22 sends the correct code, to compare with the code typed
23 submit gap, sends all this information typed by the user
24 close this form
25 close this table


Save this file.

3rd Step - Validating the antibot code. Create a document with the name "register.php" and place this:

<?php

$login = $_POST['login']; /* geting the login */
$password = $_POST['password']; /* geting the password */
$code = $_POST['code']; /* geting the code */
$email = $_POST['email']; /* geting the email */
$correct_code = $_POST['correct_code']; /* geting the correct code */
		 
if(!empty($code)){ /* looking if the code was written */
		 /* looking if the code is correct */
		 if($code == $correct_code){
		 $l = base64_encode($login);
		 $s = base64_encode($password);
		 $e = base64_encode($email);
		 header("Location: register2.php?l=$l&s=$s&e=$e"); /* here the code is right and the registration is being redirecting */
		 }
		 else{
		 $lvalue = base64_encode($login);
		 $evalue = base64_encode($email);
		 $m = base64_encode("Invalid Code!");		 
		 header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");}
}else{
$m = base64_encode("Write the code!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
}
?>

4th Step - Filtering the informations. Create a file with the name "register2.php" and write this:

<?php
include ("config.php");
mysql_select_db($base,$link);

$e = $_GET['e'];
$l = $_GET['l'];
$s = $_GET['s'];
$email = base64_decode($e);
$login = base64_decode($l);
$password = base64_decode($s);

$pattern2 = "([0-9_A-Z_a-z])+[-_,_._>_<_~_^_/_?_°_\_|_!_¹_²_³_£_¢_¬_§_º_@_#_%_¨_&_*_+_}_*_'_]";
/* filtering characters on login */
if(ereg($pattern2,$login) == true)
{
$m = base64_encode("Login contains invalid characters!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$pattern2 = "([0-9_A-Z_a-z])+[-_,_._>_<_~_^_/_?_°_\_|_!_¹_²_³_£_¢_¬_§_º_@_#_%_¨_&_*_+_}_*_'_]";
/* filtering characters on password */
if(ereg($pattern2,$password) == true)
{
$m = base64_encode("Password contains invalid characters!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$pattern3 = "([0-9_A-Z_a-z])+[,><~^/?°\|!¹²³£¢¬§º#%¨&*+}*']";
/* filtering characters on email */
if(ereg($pattern3,$email) == true)
{
$m = base64_encode("E-mail contains invalid characters!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
/* looking if e-mail is valid */
if (!(strpos($email,"@")) OR strpos($email,"@") != strrpos($email,"@"))
{
$m = base64_encode("Invalid E-mail!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
/* looking if the password have more than 6 characters */
if(strlen($password) < 6)
{
$m = base64_encode("Your password must contain at least 6 characters !");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
/* looking if the password have more than 3 characters */
if(strlen($login) < 3)
{
$m = base64_encode("Your login must contain at least 6 characters !");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$sql=mysql_query("SELECT login FROM $table WHERE login='$login'");
/* looking if the login exists */
if(mysql_num_rows($sql)>0){
$m = base64_encode("Existing user!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
$sql1=mysql_query("SELECT login FROM $table WHERE email='$email'");
/* looking if the email exists */
if(mysql_num_rows($sql)>0){
$m = base64_encode("Registered email already!");
$lvalue = base64_encode($login);
$evalue = base64_encode($email);
header("Location: index.php?msg=$m&evalue=$evalue&lvalue=$lvalue");
exit;
}
else{
	$c_password1= base64_encode($password);
	$date= date("Y/m/d");
	$hour= date("H:i:s");
	
	mysql_query("
	INSERT INTO `$table` ( `id` , `login` , `password` , `email` , `date` , `time` ) 
	VALUES (
	'', '$login', '$c_password1', '$email', '$date', '$hour'
	)") OR die("Error at open database!");

	$m = base64_encode("Registration completed. Now you can log in!");
	header("Location: login.php?msg=$m");
	exit;
}

mysql_close($link);
?>

Creating a Login form:

1st Step: Create a file with this name: login.php, and write this:

<?php
include ("config.php");
$msg = $_GET['msg'];
$m = base64_decode("$msg");
$lvalue = $_GET['lvalue'];
$loginvalue = base64_decode("$lvalue");
$loginenc = base64_encode("login");
$passwordenc = base64_encode("password");
$login1 = @$_COOKIE['$loginenc'];
$password1 = @$_COOKIE['$passwordenc'];
$logout = base64_encode("logout");

mysql_select_db($base,$link);


$sql5 = "SELECT * FROM $table WHERE login='$login1'";
$result = mysql_query($sql5);
$row = mysql_fetch_assoc($result);
$get_login = $row['login'];
$v_password = $row['password'];
$get_password = base64_decode("$v_password");

$sql1=mysql_query("SELECT login FROM $table WHERE login='$login1'");
/* verifying if the user is already log in */
if(mysql_num_rows($sql1)>0){
if($password1 == $get_password && $get_login == $login1){

?> <center>Welcome, <?= $login1 ?><a href="login2.php?action=<?= $logout ?>"> Logout</a><br><br> put here the user page <?
exit;
}
}
/* if the user arent logged in, open the login form */
else{
?>
<table align="center" style="text-align: center;" border="0"
cellpadding="0" cellspacing="0">

<form action="login2.php?action=<?= $loginenc ?>" method="post">
  <tbody>
	<tr>
	  <td colspan="2" rowspan="1"><font color="#CC0033" size="2"><strong>
		 <?= $m ?><br><br></strong></td>
	</tr>
	<tr>
	  <td style="width: 60px;">Login:</td>
	  <td><input class=field name="login" type="text" value="<?= $loginvalue ?>"></td>
	</tr>
	<tr>
	  <td style="width: 60px;">Password:</td>
	  <td><input class=field name="password" type="password"></td>
	</tr>
	<tr>
	  <td style="width: 60px;"></td>
	  <td><input class=bottom name="Submit" value="Log in!" type="submit"></td>
	</tr>
  </tbody>
</table>
</form>

<?	
}
mysql_close($link);
?>


2nd Step: Create a file with the name: login2.php, and write this:

<?php
include ("config.php");
$get_login = $_POST['login'];
$get_password = $_POST['password'];
$get_action = $_GET['action'];
$loginenc = base64_encode("login");
$passwordenc = base64_encode("password");

mysql_select_db($base,$link);

$sql5 = "SELECT * FROM $table WHERE login='$get_login'";
$result = mysql_query($sql5);
$row = mysql_fetch_assoc($result);
$ver_login = $row['login'];
$v_password = $row['password'];
$get_password2 = base64_decode("$v_password");

/* loging out */
$logout = base64_encode("logout");
if($get_action == $logout){
setcookie('$loginenc',00);
setcookie('$passwordenc',00);
header('Location: login.php');
}

if($get_action == $loginenc){
$pattern2 = "([0-9_A-Z_a-z])+[-_,_._>_<_~_^_/_?_°_\_|_!_¹_²_³_£_¢_¬_§_º_@_#_%_¨_&_*_+_}_*_'_]";
if(ereg($pattern2,$get_login) == true || ereg($pattern2,$get_password) == true)
{
$m = base64_encode("Login ou password incorreto!");
header("Location: login.php?msg=$m");
exit;
}
/* if the password is valid to this login set a cookie with this information */
if($get_password2 == $get_password){
setcookie('$loginenc',$get_login);
setcookie('$passwordenc',$get_password);
header("Location: login.php");
exit;
}
else{
$m = base64_encode("Login ou password incorreto!");
header("Location: login.php?msg=$m");
}
}
mysql_free_result($result);
mysql_close($link);
?>

Finishing: up this files and test the system.

Sorry if anything is wrong or incomplete, this is my first tutorial.. if anything is wrong please post here and if is possible with the fix xD

Yours Impious

Attached Files


Edited by Impious, 20 August 2007 - 01:17 PM.

#2 Sten

Sten

    Oh come on Mrs. B!

  • Members
  • 648 posts
  • Gender:Male
  • Location:Tasmania, Australia

Posted 21 July 2007 - 03:55 AM

Thanks so much for this tutorial!
ill try it soon sometime, its just what i needed, to make a members system for my website!

i hope it works, after i try it ill tell u any problems i find in it!

thanks!

#3 Jimmy89

Jimmy89

    Living at the Datacenter

  • [HOSTED]
  • 713 posts
  • Gender:Male
  • Location:Australia
  • myCENTs:14.01

Posted 21 July 2007 - 09:39 AM

Same here! From a quick look the code looks good, but I might have missed something! I'll try it out in a few days - when i get a moment of spare time!
-jimmy

#4 Impious

Impious

    Member - Active Contributor

  • [HOSTED]
  • 78 posts

Posted 26 July 2007 - 09:40 PM

Errors fixed:
*wrong tags
*wrong values
*wrong variables
*wrong texts
*data base errors

added attached files

#5 Chesso

Chesso

    Teh Coder

  • Members
  • 1,053 posts
  • Gender:Male
  • Location:Australia
  • Interests:Software Programming, Web Programming, Skateboarding, Gaming and My Fiance!
  • myCENTs:89.25

Posted 29 July 2007 - 08:08 AM

Looks pretty good to me at a first glance.

Might consider expanding it, to explain some of the code for the newbies out there, maybe some of the functions etc you use?

Or perhaps just a bit more in-depth as to what each bits and bobs do.

#6 Impious

Impious

    Member - Active Contributor

  • [HOSTED]
  • 78 posts

Posted 30 July 2007 - 08:26 PM

you're right chesso.. I already was thinking on explaining the functions, etc better..

but, in the principle this post is for more experienced people and/or for who that simply want a system, without knowing necessarily as it functions..

but, i'll do this on the next week, cause im very busy now.. :P

#7 HellFire121

HellFire121

    Premium Member

  • [HOSTED]
  • 438 posts

Posted 31 July 2007 - 06:39 AM

Nice job anyways, even without an explanation of what things do someone that knows a bit of php/mysql can easily figure out what it is and how you got it to work. This can easily be adapted to form something better as well as giving a good example of how mysql can be used to secuerly store information.

-HellFire
Back to Programming General

Reply to this topic



  


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Open Discussion & Free Web Hosting
  2. Computers & Tech
  3. Programming
  4. Programming General
  5. Rules