Jump to content

User Login

william205

By william205
in PHP Coding Help

 Share

Recommended Posts

adamlacombe Member

adamlacombe

Posted
Posted

I'll write out the basics for you  8)

 

Alright so first step would be to create the signup page.

so here is what signup.php should look like

<?php
include ('connect.php');
if($_POST['submit']){
$username=$_POST['username'];
$password=$_POST['pass'];

  $sql = "INSERT into `users`(`username`,`password`)
  VALUES ('$username','".md5($password)."');";

$query = mysql_query($sql) or die(mysql_error());

}else{ echo '
<form method="post" action="signup.php">

Username: <input  id="username" size="30" type="text" name="username"><br>
Password: <input  id="username" size="30" type="text" name="username"><br>

<input type="submit" name="submit" value="Signup!">';

} ?>

 

 

Now the login page:

<?php
include('connect.php');
if($_POST['submit']){
  $user = $_POST['usernamel'];
  $pass = $_POST['password'];

if($user && $pass)
{
$pass = md5($pass);
$sql="SELECT id,username,password FROM `users` WHERE `username`='$user' AND `password`='$pass'";
$query=mysql_query($sql) or die(mysql_error());

    if(mysql_num_rows($query) > 0)
    {
      $row = mysql_fetch_assoc($query);
      $_SESSION['id'] = $row['id'];
      $_SESSION['username'] = $row['username'];
      $_SESSION['password'] = $row['password'];


echo '<meta http-equiv="REFRESH" content="0;url=index.php">';
    }
    else
   {
    echo "Email and password combination is incorrect!";
   }	
}
else
{			
   echo "You need to gimme a email AND password!";
}

}else{
   echo "<form action='login.php' method='post'>
Username: <input type='text' name='username' size='30'><br />
Password: <input type='password' name='password' size='30'><br />
?>

 

 

then the user page:

<?php
include('connect.php');

if(!$_SESSION['id']){
echo "You are not logged in!";
}else{
echo "Welcome $_SESSION[username]";
}
?>

 

 

 

** dont forget to clean everything

Link to comment
Share on other sites
william205 Newbie

william205

Posted
  • Author
Posted

The use that I need it for doesn't need a sign up page because it is for a school so they have all the usernames and passwords of the students in a database already.

 

Before I saw your login script I had the following and still do because your one didn't work for some reason.

 

<?php
$host="localhost"; 
$username="root"; 
$password="root"; 
$db_name="portal"; 
$tbl_name="login"; 


mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");


$user=$_POST['user']; 
$pass=$_POST['pass'];


$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);

$sql="SELECT * FROM $tbl_name WHERE user='$user' and pass='$pass'";
$result=mysql_query($sql);


$count=mysql_num_rows($result);


if($count==1){

session_register("user");
session_register("pass"); 
header("location:aments.php");
}
else {
header("location:wrong.html");
}
?>

 

And I need it so that when a student logs on it will show them their own time table and grades, would your way work to do this?

 

If their is any other files you need to see just say and I will attach them.

 

Many Thanks

 

 

Link to comment
Share on other sites
adamlacombe Member

adamlacombe

Posted
Posted 

<?php
$host="localhost"; 
$username="root"; 
$password="root"; 
$db_name="portal"; 
$tbl_name="login"; 


mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

function clean ($str){
    $str = strip_tags ($str);
    $str = htmlspecialchars ($str, ENT_NOQUOTES);
    $str = stripslashes ($str);
    $str = mysql_real_escape_string($str);
    return $str;
}

session_start();

$user=clean($_POST['user']); 
$pass=clean($_POST['pass']);

$sql="SELECT * FROM $tbl_name WHERE user='$user' and pass='$pass'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){

      $row = mysql_fetch_assoc($result);
      $_SESSION['id'] = $row['id'];
      $_SESSION['user'] = $row['user'];


echo '<meta http-equiv="REFRESH" content="0;url=aments.php">';
}else{
echo '<meta http-equiv="REFRESH" content="0;url=wrong.html">';
}
?>

That should work..

 

Always remember to put a session_start(); in every page though..

I cleaned all your $_POSTs also.

 

Now do you have their grades, etc. in a different table? if so all you would need to do is make sure that there is a field called "user" or something in that table with their id.

then select everything from the grades table where user=$_SESSION[id]

You can also do it by username but if someone wants to change their username it would be easier to use id's

Link to comment
Share on other sites
william205 Newbie

william205

Posted
  • Author
Posted

Thanks

 

At the moment I have a table called timetable and a table called grades and each pupil has an id in the first column of the table.

 

so would I put user=$_SESSION[id] like that or something like $user=mysql_query("SELECT * from timetable where user=$_SESSION[id]")

 

 

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.