|
Re: i need to find a PHP login/register script
Dan I Have Found Some PHP Scripts I Think You Would Like To Use
here are the list details below
or you can log on to the following address
http://www.free2code.net/plugins/articles/read.php?id=99
PHP Code:
<?php
//require the PEAR::DB classes.
require_once 'DB.php';
$db_engine = 'mysql';
$db_user = 'username';
$db_pass = 'password';
$db_host = 'localhost';
$db_name = 'database';
$datasource = $db_engine.'://'.
$db_user.':'.
$db_pass.'@'.
$db_host.'/'.
$db_name;
$db_object = DB::connect($datasource, TRUE);
/* assign database object in $db_object,
if the connection fails $db_object will contain
the error message. */
// If $db_object contains an error:
// error and exit.
if(DB::isError($db_object)) {
die($db_object->getMessage());
}
$db_object->setFetchMode(DB_FETCHMODE_ASSOC);
// we write this later on, ignore for now.
include('check_login.php');
?>
<?php
require 'db_connect.php';
// require above script
// change the path to match wherever you put it.
$table = "CREATE TABLE users (
id int(10) DEFAULT '0' NOT NULL auto_increment,
username varchar(40),
password varchar(50),
regdate varchar(20),
email varchar(100),
website varchar(150),
location varchar(150),
show_email int(2) DEFAULT '0',
last_login varchar(20),
PRIMARY KEY(id))";
$create = $db_object->query($table); //perform query
if(DB::isError($create)) {
die($create->getMessage());
} else {
echo 'Table created successfully.';
}
$db_object->disconnect();
?>
<?php
require('db_connect.php'); // database connect script.
?>
<html>
<head>
<title>Register an Account</title>
</head>
<body>
<?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they supposed to,
passwords matched, username
isn't already taken, etc. */
if (!$_POST['uname'] | !$_POST['passwd'] | !$_POST['passwd_again'] | !$_POST['email']) {
die('You did not fill in a required field.');
}
// check if username exists in database.
if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}
$name_check = $db_object->query("SELECT username FROM users WHERE username = '".$_POST['uname']."'");
if (DB::isError($name_check)) {
die($name_check->getMessage());
}
$name_checkk = $name_check->numRows();
if ($name_checkk != 0) {
die('Sorry, the username: <strong>'.$_POST['uname'].'</strong> is already taken, please pick another one.');
}
// check passwords match
if ($_POST['passwd'] != $_POST['passwd_again']) {
die('Passwords did not match.');
}
// check e-mail format
if (!preg_match("/.*@.*..*/", $_POST['email']) | preg_match("/(<|>)/", $_POST['email'])) {
die('Invalid e-mail address.');
}
// no HTML tags in username, website, location, password
$_POST['uname'] = strip_tags($_POST['uname']);
$_POST['passwd'] = strip_tags($_POST['passwd']);
$_POST['website'] = strip_tags($_POST['website']);
$_POST['location'] = strip_tags($_POST['location']);
// check show_email data
if ($_POST['show_email'] != 0 & $_POST['show_email'] != 1) {
die('Nope');
}
/* the rest of the information is optional, the only thing we need to
check is if they submitted a website,
and if so, check the format is ok. */
if ($_POST['website'] != '' & !preg_match("/^(http|ftp):///", $_POST['website'])) {
$_POST['website'] = 'http://'.$_POST['website'];
}
// now we can add them to the database.
// encrypt password
$_POST['passwd'] = md5($_POST['passwd']);
if (!get_magic_quotes_gpc()) {
$_POST['passwd'] = addslashes($_POST['passwd']);
$_POST['email'] = addslashes($_POST['email']);
$_POST['website'] = addslashes($_POST['website']);
$_POST['location'] = addslashes($_POST['location']);
}
$regdate = date('m d, Y');
$insert = "INSERT INTO users (
username,
password,
regdate,
email,
website,
location,
show_email,
last_login)
VALUES (
'".$_POST['uname']."',
'".$_POST['passwd']."',
'$regdate',
'".$_POST['email']."',
'".$_POST['website']."',
'".$_POST['location']."',
'".$_POST['show_email']."',
'Never')";
$add_member = $db_object->query($insert);
if (DB::isError($add_member)) {
die($add_member->getMessage());
}
$db_object->disconnect();
?>
<h1>Registered</h1>
<p>Thank you, your information has been added to the database, you may now <a href="login.php" title="Login">log in</a>.</p>
<?php
} else { // if form hasn't been submitted
?>
<h1>Register</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username*:</td><td>
<input type="text" name="uname" maxlength="40">
</td></tr>
<tr><td>Password*:</td><td>
<input type="password" name="passwd" maxlength="50">
</td></tr>
<tr><td>Confirm Password*:</td><td>
<input type="password" name="passwd_again" maxlength="50">
</td></tr>
<tr><td>E-Mail*:</td><td>
<input type="text" name="email" maxlength="100">
</td></tr>
<tr><td>Website:</td><td>
<input type="text" name="website" maxlength="150">
</td></tr>
<tr><td>Location</td><td>
<input type="text" name="location" maxlength="150">
</td></tr>
<tr><td>Show E-Mail?</td><td>
<select name="show_email">
<option value="1" selected="selected">Yes</option>
<option value="0">No</option></select>
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Sign Up">
</td></tr>
</table>
</form>
<?php
}
?>
</body>
</html>
<?php
/* check login script, included in db_connect.php. */
session_start();
if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {
$logged_in = 0;
return;
} else {
// remember, $_SESSION['password'] will be encrypted.
if(!get_magic_quotes_gpc()) {
$_SESSION['username'] = addslashes($_SESSION['username']);
}
// addslashes to session username before using in a query.
$pass = $db_object->query("SELECT password FROM users WHERE username = '".$_SESSION['username']."'");
if(DB::isError($pass) || $pass->numRows() != 1) {
$logged_in = 0;
unset($_SESSION['username']);
unset($_SESSION['password']);
// kill incorrect session variables.
}
$db_pass = $pass->fetchRow();
// now we have encrypted pass from DB in
//$db_pass['password'], stripslashes() just incase:
$db_pass['password'] = stripslashes($db_pass['password']);
$_SESSION['password'] = stripslashes($_SESSION['password']);
//compare:
if($_SESSION['password'] == $db_pass['password']) {
// valid password for username
$logged_in = 1; // they have correct info
// in session variables.
} else {
$logged_in = 0;
unset($_SESSION['username']);
unset($_SESSION['password']);
// kill incorrect session variables.
}
}
// clean up
unset($db_pass['password']);
$_SESSION['username'] = stripslashes($_SESSION['username']);
?>
<?php
// database connect script.
require 'db_connect.php';
if($logged_in == 1) {
die('You are already logged in, '.$_SESSION['username'].'.');
}
?>
<html>
<head>
<title>Hab-globe.com Login</title>
</head>
<body>
<?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they were supposed to and authenticate */
if(!$_POST['uname'] | !$_POST['passwd']) {
die('You did not fill in a required field.');
}
// authenticate.
if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}
$check = $db_object->query("SELECT username, password FROM users WHERE username = '".$_POST['uname']."'");
if (DB::isError($check) || $check->numRows() == 0) {
die('That username does not exist in our database.');
}
$info = $check->fetchRow();
// check passwords match
$_POST['passwd'] = stripslashes($_POST['passwd']);
$info['password'] = stripslashes($info['password']);
$_POST['passwd'] = md5($_POST['passwd']);
if ($_POST['passwd'] != $info['password']) {
die('Incorrect password, please try again.');
}
// if we get here username and password are correct,
//register session variables and set last login time.
$date = date('m d, Y');
$update_login = $db_object->query("UPDATE users SET last_login = '$date' WHERE username = '".$_POST['uname']."'");
$_POST['uname'] = stripslashes($_POST['uname']);
$_SESSION['username'] = $_POST['uname'];
$_SESSION['password'] = $_POST['passwd'];
$db_object->disconnect();
?>
<h1>Logged in</h1>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in.</p>
<?php
} else { // if form hasn't been submitted
?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td>
<input type="text" name="uname" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="passwd" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
</body>
</html>
<?php
require 'db_connect.php'; // database connect script.
if ($logged_in == 0) {
die('You are not logged in so you cannot log out.');
}
unset($_SESSION['username']);
unset($_SESSION['password']);
// kill session variables
$_SESSION = array(); // reset session array
session_destroy(); // destroy session.
header('Location: index.php');
// redirect them to anywhere you like.
?>
<?php
require 'db_connect.php';
// require our database connection
// which also contains the check_login.php
// script. We have $logged_in for use.
if ($logged_in == 0) {
die('Sorry you are not logged in, this area is restricted to registered members. <a href="login.php">Click here</a> to log in.');
}
// show content
$db_object->disconnect();
// when you are done.
?>
<?php
require 'db_connect.php';
if ($logged_in == 1) {
echo 'Logged in as '.$_SESSION['username'].', <a href="logout.php">logout</a>';
} else {
echo 'Not logged in. <a href="login.php">Login</a>';
}
?>
or alternativley you can log on to the following address:
http://www.free2code.net/plugins/articles/read.php?id=99 |
26-Oct-2005, 11:48
2nd Week of IA Training by crystalattice
Similar Threads
