A Simple PHP+ Mysql Connection

Page 1 of 1

4 Replies - 11332 Views - Last Post: 19 November 2009 - 07:10 PM

#1 noorahmad  Icon User is offline

  • Untitled
  • member icon

Reputation: 209
  • View blog
  • Posts: 2,290
  • Joined: 12-March 09

A Simple PHP+ Mysql Connection

Posted 03 May 2009 - 05:28 AM

This tutorial uses the deprecated mysql extension (as of PHP 5.5.0) which should not be used for writing new code as it will be removed in the future. The mysqli (MySQL Improved) or PDO extension should be used instead.

Nevertheless, it has been decided to keep this tutorial available until such time as it has been either updated or re-written. In the meantime, if you wish to take the tutorial, then it is recommended that you change the mysql-extension code to use mysqli or PDO. (If you do this successfully then perhaps you might consider submitting a revised tutorial, contributing to dream.in.code and earning some Kudos!)




I always saw every one is a asking about Insertion, Edition, Updating, connection etc… so I started to make a tutorial.
Introduction:
In this tutorial I’m using:
PHP Connection with MySQL
How to Use Form in PHP
PHP SESSIONS, COOKIE, POST, GET, include, require etc…

Requirements for This:
Apache Version: 2.2.11
PHP Version: 5.2.9-2 (Available in Apache)

Now Let’s Start
First of All Create a Database “dblogin” and then create a table “users”

UserID Username Password Group Status
1 Noor Ahmad Xxxxxx 1 1

What is Group: in group we are using 1-2 (1=Admin, 2=User)
What is Status: By Status we can Disable and Enable a User.
<?php
$hostname = "localhost"; 	//Your Server Name.
$user = "root";				// Username of Server.
$password = "";				// Password of Server's User.
$dbname = "dblogin";		//Your Database.

$cn = mysql_connect($hostname,$user,$password) or die(mysql_error());
$db = mysql_select_db($dbname,$cn) or die(mysql_error());
?>


And then create out Index.php Page
<?php
if(!isset($_SESSION)){
session_start();
}
?>


What is SESSION: Session is a global Variable which we can use it everywhere in every page.
And then create a login aria in our index Page
What is isset() in PHP it use for if this Variable, SESSION, COOKIE is available then do something.

<form action="login.php" method="post" name="frmlogin" id="frmlogin">
  <table width="300" border="1" align="center" cellpadding="3" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
<?php
if(isset($_SESSION['Err']))
{
echo "<tr>";
echo "<td colspan=2 align='center'>";
echo $_SESSION['Err'];
$_SESSION['Err']=NULL;
echo "</td>";
echo "</tr>";
}
?>
	<tr>
	  <td width="176">User Name </td>
	  <td width="224"><label>
		<input name="Username" type="text" class="textbox" id="Username" />
	  </label></td>
	</tr>
	<tr>
	  <td>Password</td>
	  <td><input name="Password" type="password" class="textbox" id="Password" /></td>
	</tr>
	<tr>
	  <td valign="middle"> </td>
	  <td valign="middle"><label>
		<input <?php if(isset($_COOKIE['Username'])) echo "selected"; ?> name="Remember" type="checkbox" id="Remember" value="1" />
	  </label>
	  Remeber Me </td>
	</tr>
	<tr>
	  <td> </td>
	  <td><a href="new_user.php">Not a User Signup Now! </a></td>
	</tr>
	<tr>
	  <td><?php if(isset($_COOKIE['Username']))echo $_COOKIE['Username'];?></td>
	  <td><input name="Submit" type="submit" class="btn" value="Login" /></td>
	</tr>
  </table>
</form>


And then the login.php Page
Include Use for to import one page in another page
<?php
if(!isset($_SESSION)){
session_start();}

if(!include('myCon.php')){
require('myCon.php');}

if(isset($_POST['Username'])){
$Username = $_POST['Username'];}
else{
$_SESSION['Err']="Please Type Username";
header("Location: index.php");}

if(isset($_POST['Password'])){
$Password = $_POST['Password'];}
else{
$_SESSION['Err']="Please Type Password";
header("Location: index.php");}

$Query = mysql_query("SELECT * FROM users WHERE Username='$Username' And Password='$Password'") or die(mysql_error());
$Result = mysql_fetch_assoc($Query);
$row_Query = mysql_num_rows($Query);
if($row_Query>0){
if($Result['Status']==1)
{
$_SESSION['Err']='Sorry User Disabled By Admin';
header("Location:index.php");
}
if(isset($_POST['Remember']))
{
setcookie('Username',$Username);
}
$_SESSION['Username']=$Username;
header("Location:control_panel.php");
echo "done";
}
else
{
$_SESSION['Err']="Sorry Login Faild";
header("Location:index.php");
}
?>


The logout page logout.php
<?php
if(!include('myCon.php')){
require('myCon.php');}
if(!isset($_SESSION)){
session_start();
}
?>


Login Validation login_validation.php
It use when user is accessing the pages but he is not login “Access Restriction”
<?php
if(!isset($_SESSION)){
session_start();
}
if(isset($_COOKIE['Username']))
{
$_SESSION['Username']=$_COOKIE['Username'];
}
if(!isset($_SESSION['Username']))
{
$_SESSION['Err']="Please Login First";
header("Location: index.php");
}
?>
[code/]
After login success the user is coming to control_panel.php
[code]
<?php
if(!isset($_SESSION)){
session_start();
}
if(!include('login_validation.php')){
require('login_validation.php');}
?>
<table width="500" border="1" cellpadding="2" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
  <tr>
	<td width="109"><a href="control_panel.php">Home Page </a></td>
	<td width="250" rowspan="3" valign="top">Welcome To Control Panel <?php if(isset($_SESSION['Username'])){echo $_SESSION['Username'];}?> </td>
  </tr>
  <tr>
	<td><a href="control_panel.php?pid=1">User Settings </a></td>
  </tr>
  <tr>
	<td><a href="logout.php">Logout</a></td>
  </tr>
</table>
<p>
  <?php
if(isset($_GET['pid'])){
$pid = $_GET['pid'];}
if(isset($pid)){
require 'user_settings.php';}
if(isset($pid)){
require 'user_edit.php';
}

?>
  <?php
if(isset($_SESSION['Err'])){
echo $_SESSION['Err'];
$_SESSION['Err']==NULL;
unset($_SESSION['Err']);
}
?>


And then the user_setting.php Page
<?php
if(!isset($_SESSION)){
session_start();}

if(!include('myCon.php')){
require('myCon.php');}

if(!include('login_validation.php')){
require('login_validation.php');}

$Query = mysql_query("SELECT * FROM users");
?>
<link href="css.css" rel="stylesheet" type="text/css">

<table width="500" border="1" cellpadding="2" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
  <tr>
	<td>Edit</td>
	<td>Delete</td>
	<td>User ID </td>
	<td>Username </td>
	<td>Password</td>
	<td>Group</td>
	<td>Status</td>
<?php
while ($Result = mysql_fetch_assoc($Query))
{
?>
  </tr>
  <tr>
	<td align="center"><a href="control_panel.php?pid=2&uid=<?php echo $Result['UserID'];?>"><img src="b_edit.png" width="16" height="16" border="0"></a></td>
	<td align="center"><a href="user_delete.php?uid=<?php echo $Result['UserID'];?>"><img src="b_drop.png" width="16" height="16" border="0"></a></td>
	<td><?php echo $Result['UserID'];?></td>
	<td><?php echo $Result['Username'];?></td>
	<td><?php echo $Result['Password'];?></td>
	<td>
<?php
switch ($Result['Group'])
{
	case 1:
	echo "Admin";
	break;

	case 2:
	echo "User";
	break;

	case 3:
	echo "Guest";	
	break;
}
;?></td>
	<td>
<?php
if($Result['Status']==1){
echo "Enabled";}
else{
echo "Disabled";};?></td>
<?php
}
?>
  </tr>
</table>


Sign up page new_user.php
<?php
if(!isset($_SESSION))
{
session_start();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Signup For a New User</title>
<link href="css.css" rel="stylesheet" type="text/css" />
</head>

<body>
<form action="new_user_code.php" method="post" name="frmnewuser" id="frmnewuser">
  <table width="400" border="1" align="center" cellpadding="2" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
<?php
if(isset($_SESSION['Err']))
{
echo "<tr>";
echo "<td colspan=2 align='center'>";
echo "</tr>";
echo $_SESSION['Err'];
}
?>	
	<tr>
	  <td width="138">Username</td>
	  <td width="248"><label>
		<input name="Username" type="text" class="textbox" id="Username" />
	  </label></td>
	</tr>
	<tr>
	  <td>Password</td>
	  <td><label>
		<input name="Password" type="password" class="textbox" id="Password" />
	  </label></td>
	</tr>
	<tr>
	  <td>Confirm Password</td>
	  <td><label>
		<input name="Confirm_Password" type="password" class="textbox" id="Confirm_Password" />
	  </label></td>
	</tr>
	<tr>
	  <td>Group</td>
	  <td><label>
		<select name="Group" class="textbox" id="Group">
		  <option value="1">Administrator</option>
		  <option value="2">User</option>
		  <option value="3">Guest</option>
		</select>
	  </label></td>
	</tr>
	<tr>
	  <td>Status</td>
	  <td><select name="Status" class="textbox" id="Status">
		<option value="0">Disabled</option>
		<option value="1">Enabled</option>
	  </select></td>
	</tr>
	<tr>
	  <td> </td>
	  <td><label>
		<input name="button" type="submit" class="btn" id="button" value="Submit" />
	  </label></td>
	</tr>
  </table>
</form>
</body>
</html>


After that new_user_code.php
<?php
if(!isset($_SESSION)){
session_start();}

if(!include('myCon.php')){
require('myCon.php');}

$Err = NULL;

if(isset($_POST['Username'])){
$un = $_POST['Username'];}
if(isset($_POST['Password'])){
$pass1 = $_POST['Password'];}
if(isset($_POST['Confirm_Password'])){
$pass2 = $_POST['Confirm_Password'];}
if(isset($_POST['Group'])){
$Group = $_POST['Group'];}
if(isset($_POST['Status'])){
$Status=$_POST['Status'];}

if($pass1!=$pass2){
$_SESSION['Err']="Password Not Matching";
header("Location:new_user.php");
}
$Query = mysql_query("SELECT `Username` FROM users WHERE Username='$un'") or die(mysql_error());
if(mysql_num_rows($Query)>0)
{
echo mysql_num_rows($Query);
$_SESSION['Err']="Username Already Exist";
header("Location:new_user.php");
}
else
{
$Query = mysql_query("INSERT INTO users (`Username`,`Password`,`Group`,`Status`) VALUES ('$un','$pass1',$Group,$Status)") or die(mysql_error());
$_SESSION['Err']="User Created Successfully";
header("Location:index.php");
}
?>


delete_user.php
<?php
if(!isset($_SESSION))
{
session_start();
}
if(!include('myCon.php')){
require('myCon.php');}

if(isset($_GET['uid'])){
$uid=$_GET['uid'];
$Query = mysql_query("DELETE FROM users WHERE UserID=$uid");
$_SESSION['Err']="User Deleted Successfully";
header("Location: control_panel.php?pid=2");
}
?>


Edit user page user_edit.php
<?php

if(isset($_GET['uid'])){
$uid=$_GET['uid'];
$Query = mysql_query("SELECT * FROM users WHERE UserID=$uid") or die(mysql_error());
$Result = mysql_fetch_assoc($Query)or die(mysql_error());
}elseif(isset($_GET['uid'])=='' && (!isset($_GET['uid']))){
die();
}
?>
<link href="css.css" rel="stylesheet" type="text/css">

<form action="user_update.php" method="post" id="frmuserpage">
<?php
if(mysql_num_rows($Query)>0)
{
echo mysql_num_rows($Query);
?>
  <table width="500" border="1" cellpadding="2" cellspacing="0" bordercolor="#FFFFFF" bgcolor="#CCCCCC">
	<tr>
	  <td>Username</td>
	  <td>Password</td>
	  <td>Group</td>
	  <td>Status</td>
	</tr>
	<tr>
	  <td><label>
		<input name="Username" type="text" class="textbox" id="Username" value="<?php echo $Result['Username'];?>">
	  </label></td>
	  <td><label>
		<input name="Password" type="text" class="textbox" id="Password" value="<?php echo $Result['Password']?>">
	  </label></td>
	  <td><label>
		<select name="Group" class="textbox" id="Group">
		  <option value="1" <?php if($Result['Group']==1) echo "selected";?>>Administrator</option>
		  <option value="2" <?php if($Result['Group']==2) echo "selected";?>>User</option>
		  <option value="3" <?php if($Result['Group']==3) echo "selected";?>>Guest</option>
		</select>
	  </label></td>
	  <td><label>
		<select name="Status" class="textbox" id="Status">
		  <option value="0"<?php if($Result['Status']==0) echo "selected";?>>Disabled</option>
		  <option value="1"<?php if($Result['Status']==1) echo "selected";?>>Enabled</option>
		</select>
	  </label></td>
	</tr>
	<tr>
	  <td><input name="UserID" type="hidden" id="UserID" value="<?php echo $Result['UserID'];?>"></td>
	  <td> </td>
	  <td> </td>
	  <td><label>
		<input name="Submit" type="submit" class="btn" value="Update" />
	  </label></td>
	</tr>
  </table>
<?php
}
else
{
?>
<table width="500" border="0" cellspacing="0" cellpadding="0">
  <tr>
	<td align="center">Sorry No User Found </td>
  </tr>
</table>
<?php
}
?> 
</form>


user_edit.php page send data to user_update.php
<?php
if(!isset($_SESSION)){
session_start();}
if(!include('myCon.php')){
require('myCon.php');}
if(isset($_POST['UserID'])) $UserID = $_POST['UserID'];
if(isset($_POST['Username'])) $Username = $_POST['Username'];
if(isset($_POST['Password'])) $Password = $_POST['Password'];
if(isset($_POST['Group'])) $Group = $_POST['Group'];
if(isset($_POST['Status'])) $Status = $_POST['Status'];

$Query = mysql_query("UPDATE users SET `Username`='$Username',`Password`='$Password', `Group`=$Group, `Status`=$Status WHERE UserID=$UserID") or die(mysql_error());
$_SESSION['Err']="User Update Successfully";
header("Location: control_panel.php?pid=2&uid=$UserID");

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>User Update</title>
</head>

<body>
</body>
</html>

Attached File(s)

  • Attached File  Login.zip (8.93K)
    Number of downloads: 563

This post has been edited by andrewsw: 30 January 2015 - 12:40 PM


Is This A Good Question/Topic? 1
  • +

Replies To: A Simple PHP+ Mysql Connection

#2 no2pencil  Icon User is online

  • Professor Snuggly Pants
  • member icon

Reputation: 5861
  • View blog
  • Posts: 28,743
  • Joined: 10-May 07

Re: A Simple PHP+ Mysql Connection

Posted 05 May 2009 - 07:27 PM

I would suggest adding encryption (md5 or salts) to your password variable, rather than leaving it in plain text, as well as using strip_tags() while reading in post variables.
Was This Post Helpful? 0
  • +
  • -

#3 Wimpy  Icon User is offline

  • R.I.P. ( Really Intelligent Person, right? )
  • member icon

Reputation: 159
  • View blog
  • Posts: 1,038
  • Joined: 02-May 09

Re: A Simple PHP+ Mysql Connection

Posted 24 May 2009 - 06:42 AM

Is sha1() a salt? I thought a salt was something you added to the password along with the encryption, like:
<?php
$password = "Fiskpudding01";
$salt = "torsk";
$salted_password = md5($salt.$password);
?>


View Postno2pencil, on 6 May, 2009 - 04:27 AM, said:

I would suggest adding encryption (md5 or salts) to your password variable, rather than leaving it in plain text, as well as using strip_tags() while reading in post variables.

Was This Post Helpful? 0
  • +
  • -

#4 William_Wilson  Icon User is offline

  • lost in compilation
  • member icon

Reputation: 206
  • View blog
  • Posts: 4,809
  • Joined: 23-December 05

Re: A Simple PHP+ Mysql Connection

Posted 24 May 2009 - 07:05 AM

@wimpy: you are correct, No2's link should say sha1, since md5 and sha1 are both encryption and a salt is something added before the encryption. I'm sure it was just a type-o.

For installations of PHP5.0+ (which you're using: 5.2.9-2) using mysqli would probably be a better option, but most calls are exactly the same, eg: mysql_connect becomes mysqli_connect, it is better optimized than the mysql calls.
The i stands for "improved".
Was This Post Helpful? 0
  • +
  • -

#5 anavrin  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 1
  • Joined: 16-November 09

Re: A Simple PHP+ Mysql Connection

Posted 19 November 2009 - 07:10 PM

:^: thanks bro for this tutorial
thanks to dream in code too
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1