SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Addict smartboyinuk's Avatar
    Join Date
    Jul 2001
    Location
    Essex, UK
    Posts
    215
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP+MySql:User Reg+Email Verification+Login Scripts

    I needed a script which I could then use to create my sites/scripts.

    My requirements:
    User Registration
    Email verification
    User Authentication / Login
    PHP+MySql (no flat file or other databases)
    Preferably GPL with free distribution

    I would have preferred to include a simple code / include file to be used in my scripts so that if a user tries to access that file, if an authentication session has not been established, the user will be asked to login.

    I searched google & hotscripts + a lot of other sites for last 4 weeks.

    I came up with the following:

    1. Access User Class by Olaf Lederer available at http://www.finalwebsites.com

    2. Easy Authenticator by Zack Preble

    3. Login Script by www.hintondesign.net

    4. EzUser Manager at http://php.reinsveien.com/ezUserManager/

    5. http://www.phpSecurePages.com

    Now does any one have better and easier to use scripts satisfying the criteria mentioned above ? If you have used the above scripts, please comment.

    Thanks.

  2. #2
    SitePoint Guru ripcurlksm's Avatar
    Join Date
    Aug 2004
    Location
    San Clemente, CA
    Posts
    859
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    This will work

    I hope this works for ya! 2 parts, admin and user login

    =====================================================================
    1) ADMIN LOGIN FORM>ADD NEW USER PAGE
    =====================================================================

    Here is an admin only page to initally add users to a database
    Code:
    <form name="form1" method="post" action="">
    Administrative Login:<br>
    
    <input name="username" type="text" id="username" size="15"><br>
    
    <input name="password" type="password" id="password" size="15"><br>
    
    <input type="submit" name="Submit" value="Submit"><br>
    
    </form>
                            
    </table>
                        
    <?php
    // Stores data from form.
    $user = $_POST['username'];
    $pass = $_POST['password'];
    // Sets up user authentication variables
    $user_auth = FALSE;
    
    // Sets up user array.
    $known_users = array (
    array (
    "name"=> "USERNAME",
    "pass"=> "PASSWORD",
    )
    );
    // Scrolls through user array.
    foreach ( $known_users as $val )
    { // Stores sub array data
    foreach ( $val as $key=>$final_val )
    {
    if ( $key == "name" )
    { $array_name = $final_val;
    } if ( $key == "pass" )
    { $array_pass = $final_val;
    } }
    // Checks stored user array data aginst submited data.
    if ( $array_name == $user && $array_pass == $pass)
    {
    $user_auth = TRUE;
    }
    }
    // Checks user authenticity
    if ( $user_auth ) 
    { 
    	$_SESSION['name'] = $user; // Creates sesion ID
    	print '<h2>Welcome ' .$user. '</h2><p>Logging in...</p><meta http-equiv="Refresh" content="2; URL=AdMiN1.php"/>';
    } 
    else 
    { // Bad username escape
    	print '<font size="2" color="FF0000">*You Are Not Logged In/Invalid User-Pass</font>';
    }
    ?>
    On successful login the admin is redirected here to add users to the database:

    Code:
    <?php
    	
    	session_start(); // Starts the session
    
    	header("Cache-control: private"); // IE6 Fix. Why? Because it's rubbish
    ?>
    <html>
    <head>
    </head>
    
    <?php
    if ( $_SESSION['name'] ) 
    { //Checks session existance (Security)
    ?> 
    <body>
    //THIS FORM ADDS A USER TO THE VISITOR LOGIN LISTED FURTHER BELOW
    <table width="504" border="0" cellspacing="0" cellpadding="0">
                        <tr> 
                          <td valign="top">
    <form method=post action="new_user.php">
                              <font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>Add 
                              New User </strong><br>
                              </font> 
                              <table bgcolor=#FFFFFF>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Preferred 
                                    username <br />
                                    (max 16 chars):</font></td>
                                  <td valign=top><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=text name=username
                         size=16 maxlength=80>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Password 
                                    <br />
                                    (between 6 and 16 chars):</font></td>
                                  <td valign=top><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=password name=passwd
                         size=16 maxlength=16>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Email 
                                    address:</font></td>
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=text name=email size=30 maxlength=100>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">First 
                                    Name:</font></td>
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=text name=first size=30 maxlength=100>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Last 
                                    Name:</font></td>
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=text name=last size=30 maxlength=100>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Address:</font></td>
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=text name=address size=30 maxlength=100>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">City:</font></td>
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=text name=city size=30 maxlength=100>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">State:</font></td>
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=text name=state size=30 maxlength=100>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Zip:</font></td>
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=text name=zip size=30 maxlength=100>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Phone:</font></td>
                                  <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=text name=phone size=30 maxlength=100>
                                    </font></td>
                                </tr>
                                <tr> 
                                  <td colspan=2 align=center> <font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                                    <input type=submit value="Register">
                                    </font></td>
                                </tr>
                              </table>
                            </form>
                            <p></p></td>
                        </tr>
                      </table>
    
    <?php
    }
    else
    { // Exit of security if 
    echo "You do not have permision to view this page. Click <a href='http://onestopauctionshop.net/onestop.php'>here</a>";
    }
    ?>
    </body>
    </html>
    The above code refrences new_user.php, this is the code that you will have to add your database info to.
    new_user.php:

    Code:
    <?php
    	
    	session_start(); // Starts the session
    
    	header("Cache-control: private"); // IE6 Fix. Why? Because it's rubbish
    <html>
    <head>
    </head>
    <body>
    <?php
    
      $db = mysql_connect("localhost", "MYSQLuser", "MYSQLpass");
    
      mysql_select_db("db_name",$db);
    
    $username=$HTTP_POST_VARS['username'];
    $passwd=$HTTP_POST_VARS['passwd'];
    $email=$HTTP_POST_VARS['email'];
    $first=$HTTP_POST_VARS['first'];
    $last=$HTTP_POST_VARS['last'];
    $phone=$HTTP_POST_VARS['phone'];
    $address=$HTTP_POST_VARS['address'];
    $city=$HTTP_POST_VARS['city'];
    $state=$HTTP_POST_VARS['state'];
    $zip=$HTTP_POST_VARS['zip'];
    
      //$sql = "INSERT INTO user (username, passwd, email, first, last, phone, address, city, state, zip) VALUES ('$username','$passwd','$email','$first','$last','$phone','$address','$city','$state','$zip')";
      //$sql = "INSERT INTO user (username, passwd, email, first, last, phone, address, city, state, zip) VALUES ('" . $username . "','" . $passwd . "','" . $email . "','" . $first . "','" . $last . "','" . $phone ."','" . $address . "','" . $city . "','" . $state . "','" . $zip . "')";
    
      $sql = "insert into user values ('$username', password('$passwd'), '$email','$first','$last','$phone','$address','$city','$state','$zip')";
    
      $result = mysql_query($sql);
    
      echo "New User Created.\n";
     
      ?>
    </body>
    </html>
    ?>
    =====================================================================
    2) USER LOGIN FORM>AUTH PAGE>PROTECTED PAGE
    =====================================================================
    Here is a login form, a verification page with redirects you to a success or failure page. The last script is how you would protect pages that require a login. All protected pages should have that format...

    LOGIN FORM
    Code:
    <form name="loginform" method=post action="member.php">
                         
    User: <input type="text" name="username" value="" size="10"><p>
                                   
    Pass: <input name="passwd" type="password" value="" size="10"><p>
                                    
    <input name="submit" type=submit value="Log in"><p>
    
    </form>
    member.php
    Code:
    <?
    $username = $_POST['username'];
    $passwd = $_POST['passwd'];
    
    if ($username && $passwd){
    if (login($username, $passwd)){
    session_start();
    $_SESSION['valid_user'] = $username;
    require_once('welcome.php');
    }else{
    require_once('failure.php');
    }
    }
    function db_connect()
    {
    $result = mysql_connect('localhost', 'MYSQLuser', 'MYSQLpass');
    if (!$result)
    return false;
    if (!mysql_select_db('db_name'))
    return false;
    
    return $result;
    }
    function login($username, $passwd){
    
    $conn = db_connect();
    if (!$conn)
    return false;
    $result = mysql_query("select * from user
    where username='$username'
    and passwd = password('$passwd')");
    if (!$result)
    return false;
    
    if (mysql_num_rows($result)>0)
    return true;
    else
    return false;
    } 
    
    ?>
    welcome.php
    Code:
    <?
    session_start();
    
    ?>
    <html>
      <head>
      </head>
    <?php
    if ( $_SESSION['valid_user'] ) 
    { //Checks session existance (Security)
    ?> 
    <body>
    //HTML HERE FOR SUCCESSFUL LOGIN
    
    <?php
    }
    else
    { // HTML HERE FOR INVALID LOGIN
    echo "You do not have permision to view this page. Click <a href='#'>here</a>";
    }
    ?>
    </body>
    </html>
    You also want to make a page called "failure.php" with the above login form for those who enter in the wrong username/pass.


    Regards,
    Kevin


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •