Monday 20 February 2012

PHP Login script tutorial


Overview
In this tutorial create 3 files
1. main_login.php
2. checklogin.php
3. login_success.php

Step
1. Create table "members" in database "test".
2. Create file main_login.php.
3. Create file checklogin.php.
4. Create file login_success.php.
5. Create file logout.php
If you don't know how to create databse, click here

Create table "members"
CREATE TABLE `members` (
`id` int(4) NOT NULL auto_increment,
`username` varchar(65) NOT NULL default '',
`password` varchar(65) NOT NULL default '',
PRIMARY KEY (`id`)
) TYPE=MyISAM AUTO_INCREMENT=2 ;
--
-- Dumping data for table `members`
--
INSERT INTO `members` VALUES (1, 'john', '1234');


Create file main_login.php
View In Browser 

############### Code
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

Create file checklogin.php
 
############### Code
<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form 
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

Create file login_success.php
############### Code
// Check if session is not registered , redirect back to main page. 
// Put this code in first line of web page. 
<?
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>

Logout.php
If you want to logout, create this file

// Put this code in first line of web page. 
<?
session_start();
session_destroy();
?>

For PHP5 User - checklogin.php
############### Code
<?php
ob_start();
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword 
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>


Posted by at No comments:

Sunday 19 February 2012

Easy to make Add Update Delete Forms

Form.php



<html>
<body>
<h1> Registration Form : </h1>
<form name="form1" action="register.php" method="post" />
Name :
   <input type="text" name="name" value=""/>

Address :
  <input type="text" name="address" value=""/>
  <input type="submit" name="submit" value="Register"/>
  </form>

</body>
</html>

register.php
<?php
include("cls.php");
$obj= new connect();
$obj->abcconnect();

$varname=$_POST['name'];
$varaddress=$_POST['address'];

$sqlinsert= "insert into reg(name,address)values('$varname','$varaddress')";

if(!mysql_query($sqlinsert))
{
echo "errro in querry".mysql_error();
}
else
{
echo"registration complete";
}
?>

cls.php

<?php 
class connect
{
function abcconnect()
{
$con = mysql_connect('localhost','root','');
if(!$con)
{
die("Error in database connection");
}
$sdb=mysql_select_db('db',$con);
if(!$sdb)
{
die("Erroe in database selection");
}
}
}
?>

updateform.php

<?php 
include("cls.php");
$obj = new connect();
$obj->abcconnect();

$varid = $_GET["id"];
$sqlselect=mysql_query("select * from reg where id = $varid");

while($row=mysql_fetch_array($sqlselect))
{
$varid=$row["id"];
$varname=$row["name"];
$varaddress=$row["address"];
}
?>

<html>
<body>
<h1> Registration Form : </h1>
<form name="form1" action="update.php?id=<?php echo $varid; ?>" method="post" />
Name :
   <input type="text" name="name" value="<?php echo $varname; ?>"/>

Address :
  <input type="text" name="address" value="<?php echo $varaddress; ?>"/>
  <input type="submit" name="submit" value="Update"/>
  </form>

</body>
</html>

update.php
<?php 
include("cls.php");
$obj = new connect();
$obj->abcconnect();

$varid = $_GET["id"];
$varname=$_POST['name'];
$varaddress=$_POST['address'];

//echo $varid;

//$sql = "delete from reg where id =$varid";
$sql = "update reg set name='$varname',address='$varaddress' where id = $varid";
if(!mysql_query($sql))
{
echo "Query does not execute";

}
else
{
echo "Record have been updated";
}

?>

delete.php

<?php 
include("cls.php");
$obj = new connect();
$obj->abcconnect();

$varid = $_GET["id"];

echo $varid;

$sql = "delete from reg where id =$varid";

if(!mysql_query($sql))
{
echo "Query does not execute";

}
else
{
echo "Record have been deleted";
}

?>

regdesplay1.php

<?php
include("cls.php");
$obj=new connect();
$obj->abcconnect();

$sqlselect=mysql_query("select * from reg");
?>

<table>

<tr>
<td>Id</td>
<td>Name</td>
<td>Address</td>
<td>Delete</td>
<td>Update</td>

</tr>

<?php 
while($row=mysql_fetch_array($sqlselect))
{
$varid=$row["id"];
$varname=$row["name"];
$varaddress=$row["address"];
?>
<tr>
<td><?php echo "$varid"; ?></td>
<td><?php echo "$varname"; ?></td>
<td><?php echo "$varaddress";?></td>
<td><a href="delete.php?id=<?php echo "$varid"; ?>">Delete</a></td>
<td><a href="updateform.php?id=<?php echo "$varid"; ?>">Update</a></td>

</tr>
<?php 

}
?>
</table>

Posted by at 1 comment:
Labels:
Subscribe to: Posts (Atom)