EatRamen
09-23-2007, 07:27 PM
Simple login script
Note: These are NOT the same script that Galapets uses, this is just a simple tutorial to show how a login using PHP works.
Required
- Webserver with PHP installed.
- Mysql database.
- Cookies enabled on your browser
Overview
We're setting this up using COOKIES. This is how it will work, the user logs in using his/her correct username/password combonation, we set a cookie on the users computer with:
a) Users username
b) Users password
Then we check to see if the user is logged on (for restricted content pages/etc).
STEP 1 Firstly, this is the HTML form we will be using. Save this in a file called 'login.php'.
<form action="login2.php" method="POST">
<table>
<td>Username: </td><td><input type="text" name="usern"></td>
<tr>
<td>Password:</td><td><input type="password" name="pw"></td>
</table>
</form>
Notice:
<input type="text" name="usern">
And...
<input type="password" name="pw">
You see how we gave our inputs names? Well, thats gonna help us later on to specify the difference between the two.
STEP 2 Next, make a file called 'login2.php' and follow along with the //comments. (The comments won't apear anywhere on the page, they just help us comment on the script.)
<?php //PHP start
ob_start(); //Allows us to use cookies, make sure this is on the top of every page that you use cookies in ANY way.
$usern = htmlspecialchars(strip_tags(mysql_escape_string($_ POST['usern']))); //Here we set the variable for the username, what all the functions do is make sure the user doesn't input 'harmful' strings into your database, etc.
$pw = htmlspecialchars(strip_tags(mysql_escape_string($_ POST['pw']))); //Same as above, except we set the variable for the password.
if ($usern == ""|$pw == "") {echo ("You left a field blank!"); die;} //Checks to see if the user forgot to fill in a field, if a field is blank, the page will 'die' here and discontinue from here on.
mysql_connect("HOST NAME HERE", "DATABASE USERNAME HERE", "DATABASE PASSWORD HERE"); //This connects us to your database, make sure you change the information to your database login info though
mysql_select_db(DATABASE NAME HERE); //This selects the database to user, again replace with your info
$usercheck = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE username ='$usern'")); //Selects the user in your database with the same username that the user has just entered
if ($usercheck[password] != $pw) {echo ("Invalid login information"); die;} //Checks to see if the username's password matches the password that the user just entered
//If the page hasn't 'died' yet, that means that there were no errors, so we continue with login
setcookie("username", $usern, time()+3600); //Set the cookie called 'username' on the users browser that will last for 1 hour
setcookie("password", $pw, time()+3600); //Set the cookie called 'password' on the users browser that will last for 1 hour
echo ("You are now logged in!"); //Let user know he/she is logged in
?> //PHP end
So thats the PHP part of it, pretty simple, eh? Next lets set the database up.
STEP 3 Now log on to your database's PHPMyAdmin and follow these directions:
1. Click on your database name that is on the left hand side navigation bar.
2. Type in the name 'users' for the table name, and '3' for the number of rows and click go/save/whatever.
3. Type in 'id' for the first row's name, 'username' for the second rows name and 'password' for the third (Make sure that the type for all is varchar).
4. Type in '11' for the limit/amount for 'id' and 255' for both username and password.
5. Go back to 'id' and change 'varchar' to 'int' and extra to 'auto_increment' and click the radio next to the key icon.
Click on the button 'save'.
Next, (Almost done, bare with me) click on 'insert' on the top of the page, and insert the username/password you want on the first set of fields (Ignore the second set of fields underneath, and ignore the 'id' field)
Then click submit/done/whatever the button is called.
Its all done! Test it out using the username/password you added in your database!
(Note: I'll add the 'check login part in a few hours)
Its not tested, so if you find any errors, please tell. And also, if you have any problems understanding me, let me know D:
Note: These are NOT the same script that Galapets uses, this is just a simple tutorial to show how a login using PHP works.
Required
- Webserver with PHP installed.
- Mysql database.
- Cookies enabled on your browser
Overview
We're setting this up using COOKIES. This is how it will work, the user logs in using his/her correct username/password combonation, we set a cookie on the users computer with:
a) Users username
b) Users password
Then we check to see if the user is logged on (for restricted content pages/etc).
STEP 1 Firstly, this is the HTML form we will be using. Save this in a file called 'login.php'.
<form action="login2.php" method="POST">
<table>
<td>Username: </td><td><input type="text" name="usern"></td>
<tr>
<td>Password:</td><td><input type="password" name="pw"></td>
</table>
</form>
Notice:
<input type="text" name="usern">
And...
<input type="password" name="pw">
You see how we gave our inputs names? Well, thats gonna help us later on to specify the difference between the two.
STEP 2 Next, make a file called 'login2.php' and follow along with the //comments. (The comments won't apear anywhere on the page, they just help us comment on the script.)
<?php //PHP start
ob_start(); //Allows us to use cookies, make sure this is on the top of every page that you use cookies in ANY way.
$usern = htmlspecialchars(strip_tags(mysql_escape_string($_ POST['usern']))); //Here we set the variable for the username, what all the functions do is make sure the user doesn't input 'harmful' strings into your database, etc.
$pw = htmlspecialchars(strip_tags(mysql_escape_string($_ POST['pw']))); //Same as above, except we set the variable for the password.
if ($usern == ""|$pw == "") {echo ("You left a field blank!"); die;} //Checks to see if the user forgot to fill in a field, if a field is blank, the page will 'die' here and discontinue from here on.
mysql_connect("HOST NAME HERE", "DATABASE USERNAME HERE", "DATABASE PASSWORD HERE"); //This connects us to your database, make sure you change the information to your database login info though
mysql_select_db(DATABASE NAME HERE); //This selects the database to user, again replace with your info
$usercheck = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE username ='$usern'")); //Selects the user in your database with the same username that the user has just entered
if ($usercheck[password] != $pw) {echo ("Invalid login information"); die;} //Checks to see if the username's password matches the password that the user just entered
//If the page hasn't 'died' yet, that means that there were no errors, so we continue with login
setcookie("username", $usern, time()+3600); //Set the cookie called 'username' on the users browser that will last for 1 hour
setcookie("password", $pw, time()+3600); //Set the cookie called 'password' on the users browser that will last for 1 hour
echo ("You are now logged in!"); //Let user know he/she is logged in
?> //PHP end
So thats the PHP part of it, pretty simple, eh? Next lets set the database up.
STEP 3 Now log on to your database's PHPMyAdmin and follow these directions:
1. Click on your database name that is on the left hand side navigation bar.
2. Type in the name 'users' for the table name, and '3' for the number of rows and click go/save/whatever.
3. Type in 'id' for the first row's name, 'username' for the second rows name and 'password' for the third (Make sure that the type for all is varchar).
4. Type in '11' for the limit/amount for 'id' and 255' for both username and password.
5. Go back to 'id' and change 'varchar' to 'int' and extra to 'auto_increment' and click the radio next to the key icon.
Click on the button 'save'.
Next, (Almost done, bare with me) click on 'insert' on the top of the page, and insert the username/password you want on the first set of fields (Ignore the second set of fields underneath, and ignore the 'id' field)
Then click submit/done/whatever the button is called.
Its all done! Test it out using the username/password you added in your database!
(Note: I'll add the 'check login part in a few hours)
Its not tested, so if you find any errors, please tell. And also, if you have any problems understanding me, let me know D: