Database
We are going to create a simple login system using PHP code on our
pages, and a MySQL database to store our users information. We will
track the users who are logged in with cookies.
Registration Page 1
<?php
// Connects to your Database
mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());
//This makes sure they did not leave any fields blank
if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {
die('You did not complete all of the required fields');
}
<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>
Script continued and explained on the next page.
Registration Page 2
<?php
}
else
{
?>
<?php
}
?>
Basically what this does is check to see if the form has been
submitted. If it has been submitted it checks to make sure that the
data is all OK (passwords match, username isn't in use) as
documented in the code. If everything is OK it adds the user to the
database, if not it returns the appropriate error.
If the form has not been submitted, they are shown the registration
form, which collects the username and password.
//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or
die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: members.php");
}
}
}
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".
$_POST['username']."'")or die(mysql_error());
else
{
?>
Login Full Code
Members Area
<?php
// Connects to your Database
mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());
//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or
die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{ header("Location: login.php");
}
//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php");
}
?>
This code checks our cookies to make sure the user is logged in, the
same way the login page did. If they are logged in, they are shown the
members area. If they are not logged in they are redirected to the
login page.
Logout Page
<?php
$past = time() - 100;
//this makes the time in the past to destroy the cookie
setcookie(ID_my_site, gone, $past);
setcookie(Key_my_site, gone, $past);
header("Location: login.php");
?>
All our logout page does is destroy the cookie, and then direct them
back to the login page. We destroy the cookie by setting the expiration
to some time in the past.