Page 1 of 1

A Simple PHP+ Mysql Connection Insert, Updateing, Deleting and etc.. Rate Topic: ***** 2 Votes

#1 noorahmad  Icon User is offline

  • Untitled
  • member icon

Reputation: 209
  • View blog
  • Posts: 2,290
  • Joined: 12-March 09

Posted 03 May 2009 - 05:28 AM

I always saw every one is a asking about Insertion, Edition, Updating, connection etc… so I started to make a tutorial.
Introduction:
In this tutorial I’m using:
PHP Connection with MySQL
How to Use Form in PHP
PHP SESSIONS, COOKIE, POST, GET, include, require etc…

Requirements for This:
Apache Version: 2.2.11
PHP Version: 5.2.9-2 (Available in Apache)

Now Let’s Start
First of All Create a Database “dblogin” and then create a table “users”

UserID Username Password Group Status
1 Noor Ahmad Xxxxxx 1 1

What is Group: in group we are using 1-2 (1=Admin, 2=User)
What is Status: By Status we can Disable and Enable a User.
<?php
$hostname = "localhost"; 	//Your Server Name.
$user = "root";				// Username of Server.
$password = "";				// Password of Server's User.
$dbname = "dblogin";		//Your Database.

$cn = mysql_connect($hostname,$user,$password) or die(mysql_error());
$db = mysql_select_db($dbname,$cn) or die(mysql_error());
?>


And then create out Index.php Page
<?php
if(!isset($_SESSION)){
session_start();
}
?>


What is SESSION: Session is a global Variable which we can use it everywhere in every page.
And then create a login aria in our index Page
What is isset() in PHP it use for if this Variable, SESSION, COOKIE is available then do something.

<form action="login.php" method="post" name="frmlogin" id="frmlogin">
  <table width="300" border="1" align="center" cellpadding="3" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
<?php
if(isset($_SESSION['Err']))
{
echo "<tr>";
echo "<td colspan=2 align='center'>";
echo $_SESSION['Err'];
$_SESSION['Err']=NULL;
echo "</td>";
echo "</tr>";
}
?>
	<tr>
	  <td width="176">User Name </td>
	  <td width="224"><label>
		<input name="Username" type="text" class="textbox" id="Username" />
	  </label></td>
	</tr>
	<tr>
	  <td>Password</td>
	  <td><input name="Password" type="password" class="textbox" id="Password" /></td>
	</tr>
	<tr>
	  <td valign="middle"> </td>
	  <td valign="middle"><label>
		<input <?php if(isset($_COOKIE['Username'])) echo "selected"; ?> name="Remember" type="checkbox" id="Remember" value="1" />
	  </label>
	  Remeber Me </td>
	</tr>
	<tr>
	  <td> </td>
	  <td><a href="new_user.php">Not a User Signup Now! </a></td>
	</tr>
	<tr>
	  <td><?php if(isset($_COOKIE['Username']))echo $_COOKIE['Username'];?></td>
	  <td><input name="Submit" type="submit" class="btn" value="Login" /></td>
	</tr>
  </table>
</form>


And then the login.php Page
Include Use for to import one page in another page
<?php
if(!isset($_SESSION)){
session_start();}

if(!include('myCon.php')){
require('myCon.php');}

if(isset($_POST['Username'])){
$Username = $_POST['Username'];}
else{
$_SESSION['Err']="Please Type Username";
header("Location: index.php");}

if(isset($_POST['Password'])){
$Password = $_POST['Password'];}
else{
$_SESSION['Err']="Please Type Password";
header("Location: index.php");}

$Query = mysql_query("SELECT * FROM users WHERE Username='$Username' And Password='$Password'") or die(mysql_error());
$Result = mysql_fetch_assoc($Query);
$row_Query = mysql_num_rows($Query);
if($row_Query>0){
if($Result['Status']==1)
{
$_SESSION['Err']='Sorry User Disabled By Admin';
header("Location:index.php");
}
if(isset($_POST['Remember']))
{
setcookie('Username',$Username);
}
$_SESSION['Username']=$Username;
header("Location:control_panel.php");
echo "done";
}
else
{
$_SESSION['Err']="Sorry Login Faild";
header("Location:index.php");
}
?>


The logout page logout.php
<?php
if(!include('myCon.php')){
require('myCon.php');}
if(!isset($_SESSION)){
session_start();
}
?>


Login Validation login_validation.php
It use when user is accessing the pages but he is not login “Access Restriction”
<?php
if(!isset($_SESSION)){
session_start();
}
if(isset($_COOKIE['Username']))
{
$_SESSION['Username']=$_COOKIE['Username'];
}
if(!isset($_SESSION['Username']))
{
$_SESSION['Err']="Please Login First";
header("Location: index.php");
}
?>
[code/]
After login success the user is coming to control_panel.php
[code]
<?php
if(!isset($_SESSION)){
session_start();
}
if(!include('login_validation.php')){
require('login_validation.php');}
?>
<table width="500" border="1" cellpadding="2" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
  <tr>
	<td width="109"><a href="control_panel.php">Home Page </a></td>
	<td width="250" rowspan="3" valign="top">Welcome To Control Panel <?php if(isset($_SESSION['Username'])){echo $_SESSION['Username'];}?> </td>
  </tr>
  <tr>
	<td><a href="control_panel.php?pid=1">User Settings </a></td>
  </tr>
  <tr>
	<td><a href="logout.php">Logout</a></td>
  </tr>
</table>
<p>
  <?php
if(isset($_GET['pid'])){
$pid = $_GET['pid'];}
if(isset($pid)){
require 'user_settings.php';}
if(isset($pid)){
require 'user_edit.php';
}

?>
  <?php
if(isset($_SESSION['Err'])){
echo $_SESSION['Err'];
$_SESSION['Err']==NULL;
unset($_SESSION['Err']);
}
?>


And then the user_setting.php Page
<?php
if(!isset($_SESSION)){
session_start();}

if(!include('myCon.php')){
require('myCon.php');}

if(!include('login_validation.php')){
require('login_validation.php');}

$Query = mysql_query("SELECT * FROM users");
?>
<link href="css.css" rel="stylesheet" type="text/css">

<table width="500" border="1" cellpadding="2" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
  <tr>
	<td>Edit</td>
	<td>Delete</td>
	<td>User ID </td>
	<td>Username </td>
	<td>Password</td>
	<td>Group</td>
	<td>Status</td>
<?php
while ($Result = mysql_fetch_assoc($Query))
{
?>
  </tr>
  <tr>
	<td align="center"><a href="control_panel.php?pid=2&uid=<?php echo $Result['UserID'];?>"><img src="b_edit.png" width="16" height="16" border="0"></a></td>
	<td align="center"><a href="user_delete.php?uid=<?php echo $Result['UserID'];?>"><img src="b_drop.png" width="16" height="16" border="0"></a></td>
	<td><?php echo $Result['UserID'];?></td>
	<td><?php echo $Result['Username'];?></td>
	<td><?php echo $Result['Password'];?></td>
	<td>
<?php
switch ($Result['Group'])
{
	case 1:
	echo "Admin";
	break;

	case 2:
	echo "User";
	break;

	case 3:
	echo "Guest";	
	break;
}
;?></td>
	<td>
<?php
if($Result['Status']==1){
echo "Enabled";}
else{
echo "Disabled";};?></td>
<?php
}
?>
  </tr>
</table>


Sign up page new_user.php
<?php
if(!isset($_SESSION))
{
session_start();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Signup For a New User</title>
<link href="css.css" rel="stylesheet" type="text/css" />
</head>

<body>
<form action="new_user_code.php" method="post" name="frmnewuser" id="frmnewuser">
  <table width="400" border="1" align="center" cellpadding="2" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
<?php
if(isset($_SESSION['Err']))
{
echo "<tr>";
echo "<td colspan=2 align='center'>";
echo "</tr>";
echo $_SESSION['Err'];
}
?>	
	<tr>
	  <td width="138">Username</td>
	  <td width="248"><label>
		<input name="Username" type="text" class="textbox" id="Username" />
	  </label></td>
	</tr>
	<tr>
	  <td>Password</td>
	  <td><label>
		<input name="Password" type="password" class="textbox" id="Password" />
	  </label></td>
	</tr>
	<tr>
	  <td>Confirm Password</td>
	  <td><label>
		<input name="Confirm_Password" type="password" class="textbox" id="Confirm_Password" />
	  </label></td>
	</tr>
	<tr>
	  <td>Group</td>
	  <td><label>
		<select name="Group" class="textbox" id="Group">
		  <option value="1">Administrator</option>
		  <option value="2">User</option>
		  <option value="3">Guest</option>
		</select>
	  </label></td>
	</tr>
	<tr>
	  <td>Status</td>
	  <td><select name="Status" class="textbox" id="Status">
		<option value="0">Disabled</option>
		<option value="1">Enabled</option>
	  </select></td>
	</tr>
	<tr>
	  <td> </td>
	  <td><label>
		<input name="button" type="submit" class="btn" id="button" value="Submit" />
	  </label></td>
	</tr>
  </table>
</form>
</body>
</html>


After that new_user_code.php
<?php
if(!isset($_SESSION)){
session_start();}

if(!include('myCon.php')){
require('myCon.php');}

$Err = NULL;

if(isset($_POST['Username'])){
$un = $_POST['Username'];}
if(isset($_POST['Password'])){
$pass1 = $_POST['Password'];}
if(isset($_POST['Confirm_Password'])){
$pass2 = $_POST['Confirm_Password'];}
if(isset($_POST['Group'])){
$Group = $_POST['Group'];}
if(isset($_POST['Status'])){
$Status=$_POST['Status'];}

if($pass1!=$pass2){
$_SESSION['Err']="Password Not Matching";
header("Location:new_user.php");
}
$Query = mysql_query("SELECT `Username` FROM users WHERE Username='$un'") or die(mysql_error());
if(mysql_num_rows($Query)>0)
{
echo mysql_num_rows($Query);
$_SESSION['Err']="Username Already Exist";
header("Location:new_user.php");
}
else
{
$Query = mysql_query("INSERT INTO users (`Username`,`Password`,`Group`,`Status`) VALUES ('$un','$pass1',$Group,$Status)") or die(mysql_error());
$_SESSION['Err']="User Created Successfully";
header("Location:index.php");
}
?>


delete_user.php
<?php
if(!isset($_SESSION))
{
session_start();
}
if(!include('myCon.php')){
require('myCon.php');}

if(isset($_GET['uid'])){
$uid=$_GET['uid'];
$Query = mysql_query("DELETE FROM users WHERE UserID=$uid");
$_SESSION['Err']="User Deleted Successfully";
header("Location: control_panel.php?pid=2");
}
?>


Edit user page user_edit.php
<?php

if(isset($_GET['uid'])){
$uid=$_GET['uid'];
$Query = mysql_query("SELECT * FROM users WHERE UserID=$uid") or die(mysql_error());
$Result = mysql_fetch_assoc($Query)or die(mysql_error());
}elseif(isset($_GET['uid'])=='' && (!isset($_GET['uid']))){
die();
}
?>
<link href="css.css" rel="stylesheet" type="text/css">

<form action="user_update.php" method="post" id="frmuserpage">
<?php
if(mysql_num_rows($Query)>0)
{
echo mysql_num_rows($Query);
?>
  <table width="500" border="1" cellpadding="2" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
	<tr>
	  <td>Username</td>
	  <td>Password</td>
	  <td>Group</td>
	  <td>Status</td>
	</tr>
	<tr>
	  <td><label>
		<input name="Username" type="text" class="textbox" id="Username" value="<?php echo $Result['Username'];?>">
	  </label></td>
	  <td><label>
		<input name="Password" type="text" class="textbox" id="Password" value="<?php echo $Result['Password']?>">
	  </label></td>
	  <td><label>
		<select name="Group" class="textbox" id="Group">
		  <option value="1" <?php if($Result['Group']==1) echo "selected";?>>Administrator</option>
		  <option value="2" <?php if($Result['Group']==2) echo "selected";?>>User</option>
		  <option value="3" <?php if($Result['Group']==3) echo "selected";?>>Guest</option>
		</select>
	  </label></td>
	  <td><label>
		<select name="Status" class="textbox" id="Status">
		  <option value="0"<?php if($Result['Status']==0) echo "selected";?>>Disabled</option>
		  <option value="1"<?php if($Result['Status']==1) echo "selected";?>>Enabled</option>
		</select>
	  </label></td>
	</tr>
	<tr>
	  <td><input name="UserID" type="hidden" id="UserID" value="<?php echo $Result['UserID'];?>"></td>
	  <td> </td>
	  <td> </td>
	  <td><label>
		<input name="Submit" type="submit" class="btn" value="Update" />
	  </label></td>
	</tr>
  </table>
<?php
}
else
{
?>
<table width="500" border="0" cellspacing="0" cellpadding="0">
  <tr>
	<td align="center">Sorry No User Found </td>
  </tr>
</table>
<?php
}
?> 
</form>


user_edit.php page send data to user_update.php
<?php
if(!isset($_SESSION)){
session_start();}
if(!include('myCon.php')){
require('myCon.php');}
if(isset($_POST['UserID'])) $UserID = $_POST['UserID'];
if(isset($_POST['Username'])) $Username = $_POST['Username'];
if(isset($_POST['Password'])) $Password = $_POST['Password'];
if(isset($_POST['Group'])) $Group = $_POST['Group'];
if(isset($_POST['Status'])) $Status = $_POST['Status'];

$Query = mysql_query("UPDATE users SET `Username`='$Username',`Password`='$Password', `Group`=$Group, `Status`=$Status WHERE UserID=$UserID") or die(mysql_error());
$_SESSION['Err']="User Update Successfully";
header("Location: control_panel.php?pid=2&uid=$UserID");

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>User Update</title>
</head>

<body>
</body>
</html>

Attached File(s)

  • Attached File  Login.zip (8.93K)
    Number of downloads: 531


Is This A Good Question/Topic? 1
  • +

Replies To: A Simple PHP+ Mysql Connection

#2 no2pencil  Icon User is offline

  • Toubabo Koomi
  • member icon

Reputation: 5182
  • View blog
  • Posts: 26,886
  • Joined: 10-May 07

Posted 05 May 2009 - 07:27 PM

I would suggest adding encryption (md5 or salts) to your password variable, rather than leaving it in plain text, as well as using strip_tags() while reading in post variables.
Was This Post Helpful? 0
  • +
  • -

#3 Wimpy  Icon User is offline

  • R.I.P. ( Really Intelligent Person, right? )
  • member icon

Reputation: 159
  • View blog
  • Posts: 1,038
  • Joined: 02-May 09

Posted 24 May 2009 - 06:42 AM

Is sha1() a salt? I thought a salt was something you added to the password along with the encryption, like:
<?php
$password = "Fiskpudding01";
$salt = "torsk";
$salted_password = md5($salt.$password);
?>


View Postno2pencil, on 6 May, 2009 - 04:27 AM, said:

I would suggest adding encryption (md5 or salts) to your password variable, rather than leaving it in plain text, as well as using strip_tags() while reading in post variables.

Was This Post Helpful? 0
  • +
  • -

#4 William_Wilson  Icon User is offline

  • lost in compilation
  • member icon

Reputation: 205
  • View blog
  • Posts: 4,807
  • Joined: 23-December 05

Posted 24 May 2009 - 07:05 AM

@wimpy: you are correct, No2's link should say sha1, since md5 and sha1 are both encryption and a salt is something added before the encryption. I'm sure it was just a type-o.

For installations of PHP5.0+ (which you're using: 5.2.9-2) using mysqli would probably be a better option, but most calls are exactly the same, eg: mysql_connect becomes mysqli_connect, it is better optimized than the mysql calls.
The i stands for "improved".
Was This Post Helpful? 0
  • +
  • -

#5 anavrin  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 1
  • Joined: 16-November 09

Posted 19 November 2009 - 07:10 PM

:^: thanks bro for this tutorial
thanks to dream in code too
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1