Login/register

[alexgeek]

Helloo.
I have mysql/php setup and I use dreamweaver to build my site.
It has a login feature builtin.
but all it does is redirect you to a page if you have a correct username/pass or somewhere else if you don't :/
What I want is to have people login/register, then that being stored in a cookie or whatever, and them being able to have a page called my account which changes for each user.
I have two tables in mysql,
userdir: username, name, password, type(account type), gender, email, newsletter, enabled, comment(specific comments from me)
and scores: username, scores(when users play flash games they get points sent to this tables)

A little help? I know it's a bit advanced and way out of my league, but i'd really appreciate the help!
and yes i've tried google, and a few tutorials. most of them gave me a nice blank page.

[c010depunkk]

The easiest way is using PHP sessions. You just have to call the 'session_start()' function at the top of every page where the user should stay logged in. Here's an example login script:

PHP: Select all

<?php
session_start();
$message="";
if($_POST['user']) {
    $query=mysql_query("SELECT * FROM your_table_name WHERE username LIKE '".$_POST['user']."' AND password LIKE '".$_POST['pass']."'");
    if(mysql_num_rows($query)>0) {
        $row=mysql_fetch_object($query);
        $_SESSION['logged_in']=true;
    } else {
        $message=GetString('text_user_pass_incorrect');
    }
}

if($_SESSION['logged_in']==true) {
    echo("<script type=\"text/javascript\">document.location.href=\"url of the page you want to redirect to\";</script>");
} else {
    echo("<form name=\"login_form\" method=\"post\" action=\"login.php\"><p>username: <input type=\"text\" name=\"user\" /></p><p>password: <input type=\"password\" name=\"pass\" /></p><p><input type=\"submit\" action=\"submit\" value=\"login\" /></p></form><p>".$message."</p>");
}
?>

You could replace the javascript redirect using the 'header()' function.

Hope it works 4 u!

[Voodoochilli]

Yeah I agree, use the header() function instead of javascript, as if its disabled or not working properly it wont redirect.

Also you want to check the session on the page you get directed to, as otherwiswe they could just type that in if they know it.

[alexgeek]

sorry i haven't replied.
Thankyou.
Will test it now!

[alexgeek]

what part of that has to be on every page?
I want it so that, they can view every page.
but there's an SSI page, that has the navigation and
a login form/logged in paragraph, if you get me.
so in that, little bit.
do i put something like:

Code: Select all

if($_SESSION['logged_in']==true) {
    echo("you $user. <a href="myaccount.php">link to my account</a> etc.");
} else {
    echo("Please login:<Br> login form bla bla bla etc etc etc.");
}
}
?>

Yes? or something else?

[c010depunkk]

Yeah, that would make sure that the user is logged in on every page. Don't forget to call the session_start() function at the very top of every page to keep the session alive.

[Voodoochilli]

personly, I would make a php include, eg check_user.php

inside it I would have this:

PHP: Select all

<?
ini_set('session.gc_maxlifetime', '200000'); //change this to how long the session is
session_start();
// Checks if it the user has got access to this page
if (!isset($_SESSION['usersession'])){//change the session name to yours
    header("Location: login.php");
exit();//needed just in case the header doesnt redirect imediatly, so no content is shown
}

?>

Then just include it on every page that needs to have a registered session. Make sure on login.php you dont have the check_user.php included, otherwise it will loop for ever.

on the login page, if the details are correct, you simply register the session and redirect to a page

[Voodoochilli]

hey alex, out of interest how do you display your code with php syntax highlighting? tried both (code) and (html)

[c010depunkk]

There's also a 'PHP' code button, directly to the left of the 'HTML' one.

[alexgeek]

thanks will give it a go
You mean the forum code?

it's

PHP
in []


if that's what you meant

[Voodoochilli]

cheers

[alexgeek]

Righttt, one more question where in the code do i name the session to correspond with this bit:

PHP: Select all

if (!isset($_SESSION['usersession'])){//change the session name to yours
    header("Location: login.php");
exit();//needed just in case the header doesnt redirect imediatly, so no content is shown
} 

And isn't that saying, if the session (logged in) is there take them to the login page?
sorry if i'm wrong.

[Voodoochilli]

['usersession'] - change that to what ever you want the session name to be

[Voodoochilli]

Quote:

Originally Posted by alexgeek

And isn't that saying, if the session (logged in) is there take them to the login page?
sorry if i'm wrong.

No it says "if the session is not set then make them go to the login page". The ! bit means not, so it means if not registered.

Its also use like this sometimes

PHP: Select all

if ($a !=$b) {// if $a Not equals $b 

[alexgeek]

no i mean, in the login code,
do i have to name the session there?
thanks for clearing that up about the !

[Voodoochilli]

Hang on, I will make some login code for you, wont be a min

[Voodoochilli]

PHP: Select all

 session_start();     
$username = "Voodoochilli";
$password = "123456";
if (isset($_POST['username']) && isset($_POST['password'])){
    if ($_POST['username'] == $username && $_POST['password'] == $password){
//thats them, log them in and redirect them
  $_SESSION['usersession'] = $username; //  doesnt have to be username, but it needs something
        header("Location: index.php");
}
    else{//wrong username /password
            $msg = "Wrong username or password";
    }
}//end isset post

echo $msg;//put this in your html where you want the error message 

Ok you should probably get the username and password from a database, it shouldnt be stored in the php file, not that anyone will be able to see it or anything. I just did it this way for simplicity. this code should obviously be at the top of the page, before any html

[alexgeek]

brilliant thanks
will try it now

[Voodoochilli]

I will stay online incase you have any problems

[alexgeek]

thank you.
i think it's all sorted for now
just need to get it to get the information from the database
and i know that one