Forum Moderators: coopster
-----------------------------------------------------------
html registration form
-----------------------------------------------------------
<html>
<body>
<link rel="stylesheet" href="http://www.************.co.uk/********.css">
<center><b>Please Input Your Username, Password and Email Address</b>
<form method="POST" action="register_add.php">
<table>
<tr><td align=right><b><font size=-1>Enter Username : </td><td><b><font size=-1><input type=text name="USERNAME"></td></tr>
<tr><td align=right><b><font size=-1>Enter Password : </td><td><b><font size=-1><input type=password name="PASSWORD"></td></tr>
<tr><td align=right><b><font size=-1>Re-Enter Password : </td><td><b><font size=-1><input type=password name="PASSWORD2"></td></tr>
<tr><td><b><font size=-1>Enter a Valid Email Address :</td><td><b><font size=-1><input type=text name="EMAILADD"></td></tr>
<tr><td align=right><b><font size=-1>Re-Enter Email Address : </td><td><b><font size=-1><input type=text name="EMAILADD2"></td></tr>
<tr><td><input type="submit" value="Register Me"></td><td><input type="reset" value="Start Again"></td></tr>
</table>
</form>
</center>
</body>
</html>
-----------------------------------------------------------
php which passes the info to the database
-----------------------------------------------------------
<link rel="stylesheet" href="http://www.**********.co.uk/********.css">
<?php
include ("connection.php");
echo "<center><b>Registration Form</b></center>";
$error=false;
$pass_error=false;
$email_error=false;
if (($USERNAME == "") ¦¦ ($PASSWORD == "") ¦¦ ($EMAILADD == "") ¦¦ ($PASSWORD2 == "") ¦¦ ($EMAILADD2 == "") )
{
$error=true;
}
if ($PASSWORD!= $PASSWORD2)
{
$pass_error=true;
}
if ($EMAILADD!= $EMAILADD2)
{
$email_error=true;
}
if ($error)
{
echo "<br>All fields need to be filled in";
}
if ($pass_error)
{
echo "<br>Both the password fields need to match";
}
if ($email_error)
{
echo "<br>Both the Email Address fields need to match";
}
if (($error) ¦¦ ($pass_error) ¦¦ ($email_error))
{
echo "<br>Back to the Registration <a href=\"register.php\">Form</a>";
exit;
}
$sql="INSERT INTO USERS (USERNAME,PASSWORD,EMAILADD) VALUES ('$USERNAME', MD5('$PASSWORD'),'$EMAILADD')";
$sql2="SELECT * FROM USERS WHERE USERNAME='$USERNAME' AND PASSWORD='$PASSWORD' AND EMAILADD='$EMAILADD'";
$mysql_result=mysql_query(sql2);
$num_rows=@mysql_num_rows($mysql_result);
if ( $num_rows!= 0)
{
echo "<br>USERNAME already in use, Please Choose another <a href=\"register.php\">Back</a>";
exit;
}
if (!mysql_query($sql))
{
echo "Error cannot add record..Retry";
echo "<br><a href=\"register.php\">Back</a>";
exit;
}
else
{
echo "Table updated [".mysql_affected_rows()."] record added<br>";
echo "Welcome Please make note of your details<br>";
echo "Username : <b>$USERNAME</b><br>Password : <b>$PASSWORD</b><br> Email Address : <b>$EMAILADD</b>";
echo "<br>You now need to <a href=\"loginpage.php\">LOGIN</a>";
}
?>
-----------------------------------------------------------
The info gets passed to the database and the password is encrypted, but how do i now use the info to login?
When you process the form data, compare the hash to the one in the database.
//From form
$pass = $_POST['pass'];
$user = $_POST['user'];
//Query the DB
$query = mysql_query("SELECT USERNAME,PASSWORD FROM USERS WHERE USERNAME = '".md5($user)."' AND PASSWORD = '".md5($pass)."' LIMIT 1") or die(mysql_error());
if (mysql_num_rows($query)>0)
{
//ok
//register session data
}
else
{
//not ok
}
Hope that helps.
dc
//From form
$pass = $_POST['pass'];
$user = $_POST['user'];
Access POST variables as I mentioned.
dc
login form
------------------------------------------------------
<html>
<body>
<link rel="stylesheet" href="http://www.clanore.co.uk/XeonStyle.css">
<center><b>Please Input Your Username, Password and Email Address</b>
<form method="POST" action="login3.php">
<table>
<tr><td align=right><b><font size=-1>Enter Username : </td><td><b><font size=-1><input type=text name="USERNAME"></td></tr>
<tr><td align=right><b><font size=-1>Enter Password : </td><td><b><font size=-1><input type=password name="PASSWORD"></td></tr>
<tr><td><input type="submit" value="LOG IN"></td></tr>
</table>
</form>
</center>
</body>
</html>
------------------------------------------------------
PHP
------------------------------------------------------
<?php
include ("connection.php");
$PASSWORD = $_POST['PASSWORD'];
$USERNAME = $_POST['USERNAME'];
//Query the DB
$sql = "SELECT USERNAME,PASSWORD FROM USERS WHERE USERNAME = '".md5($USERNAME)."' AND PASSWORD = '".md5($PASSWORD)."' LIMIT 1";
$mysql_result=mysql_query($sql) or die(mysql_error());
if (!mysql_query($sql))
{
echo "ok";
//register session data
}
else
{
echo "not ok";
}
?>
------------------------------------------------------
it always seems to drop down to the "not ok" bit any idears
Try mysql_num_rows to see if any rows were returned.
if (mysql_num_rows($mysql_result)>0)
{
echo "OK";
}
else
{
echo "NOT OK";
}
dc
-------------------------------------------------------
From my web page USERNAME and PASSWORD are md5 encoded
-------------------------------------------------------
Username : c165c74dd5bc1ce0b0498653d5b465e8
Password : f079b4d872e7d1415bace2a536f91407
-------------------------------------------------------
This is what it is stored as in the data base
-------------------------------------------------------
USERNAME : f34a14d72e6f6a2b836c3c68347c283b
PASSWORD : b99b7467c512b54c14673a7fdc78bd4c
I have just also noticed that when i register as a new person that both the encypted username and password are the same as another person already in the data base with completly different usernames and passwords how can this be?
Does anyone known why IE6 does not work right. and why I cant get my login page to work
Help please this is doing my nut in.
How do I go about doing authentication on my web pages?
Look into sessions for what you want. Try this thread for starters:
[webmasterworld.com...]
dc
