[kollyshow]

Hello everyone,
I just design a website with MSFrontPage with an intention of having a registration and login form on it. After editing all I need to edit on the PHP script that I have, I still have a great challenge in embeding the form on the already designed web page. I want to know if it is possible to have pointer on the

<form name="form1" method="post" action="login.php">

that will execute the script straight or how do I embed the form into my webpage?
I have attached the scripts here.

[CTphpnwb]

If by "execute the script straight" you mean post data to a new page generated by the script, then what you have can work. If you want to login without changing the entire page, then you need to read up on ajax.

[EnvXOwner]

kollyshow, on 05 June 2010 - 12:06 PM, said:

Hello everyone,
I just design a website with MSFrontPage with an intention of having a registration and login form on it. After editing all I need to edit on the PHP script that I have, I still have a great challenge in embeding the form on the already designed web page. I want to know if it is possible to have pointer on the

<form name="form1" method="post" action="login.php">

that will execute the script straight or how do I embed the form into my webpage?
I have attached the scripts here.

You really didn't give enough information but try this.

<?php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];

include_once("connect.php");

if($username && $username)
{
        
        $queryget = mysql_query("SELECT * FROM table_name WHERE username='$username' AND password='$password'")or die(mysql_error())
;
        $numrows = mysql_num_rows($queryget);
        if ($numrows != 0)
        {
        $_SESSION['username'] = $username;
echo "You are now logged in.";

        }
        else
        echo "Your username was not found.";
}
else
{
        echo "You are either not a registered member or did not fill out you information correctly.";
}


?>
<html>
<head></head>
<body>
<table>
<tr>
<td>Username:</td>
<td><input type="text" name="username"</td>
</tr>
<tr>
<td>Password:</td>
<td><input type="text" name="password"</td>
</tr>
<tr>
<td><input type="submit" name="submit" value="Login"></td>
</tr>
</table>
</body>
</html>

This post has been edited by VB.Terry: 07 June 2010 - 12:20 PM

[CTphpnwb]

That's not valid html. You're outputting information before the html tags. That's not going to pass a validation test.

[mahcuz]

Not to mention it's lacking a doctype and a <title> element, and it's using tables for layouts. What is this, 1995?

[kollyshow]

Thanks Terry.
Here is what I have in the script.
I have login.php logout.php and password.php
For the login.php here is the code that I have;

<? 
session_start();
if(isset($_GET['reg'])){
$reg=$_GET['reg'];
}else{
$reg="";
}
if($reg==1){
$msg1="<font color=\"#FF0000\"><b>Your details have been added, please login</b></font>";
}elseif($reg==2){
$msg1="<font color=\"#FF0000\"><b>You have been successfully logged out.</b></font>";
}

if(isset($_POST['submit'])){
if( empty($_POST['uname']) && (empty($_POST['upass']))){
header( "Location:Messages.php?msg=1" ); 
exit();
}
//transfer to shorter var
$n=$_POST['uname'];
$p=$_POST['upass'];

//connect to db
include('config.php');
$query="select * from user where uname='$n'  and pw='$p' ";
$result=mysql_query($query);
	
$num=mysql_num_rows($result);
if($num>0 ){

//put in session vars

$mytime=time();
$mytime=date("H:i:s A",$mytime);
$_SESSION['time'] = $mytime;
$_SESSION['status'] = 'logged';
$_SESSION['username'] = $n;
//goto next page
header("location:welcome.php");
exit;
}else{
$_SESSION['status'] = 'not logged';

header( "Location:Messages.php?msg=2" ); 
exit();

}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/Auth.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<!-- InstanceBeginEditable name="doctitle" -->
<title>Login</title>
<!-- InstanceEndEditable -->
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
<link href="styleLog.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="100%"  border="0" cellspacing="7" cellpadding="0">
  <tr class="temptitle">
    <td><!-- InstanceBeginEditable name="EditRegion4" -->Login<!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td><!-- InstanceBeginEditable name="EditRegion3" -->
      <form name="form1" method="post" action="login.php">
        <table width="81%"  border="0" align="center" cellpadding="0" cellspacing="3">
          <tr class="listtop">
            <td colspan="3">Login Status:<? if(isset($msg1)){
			echo "$msg1";
			}?></td>
          </tr>
          <tr>
            <td width="9%">Username</td>
            <td width="41%"><input name="uname" type="text" id="uname" size="50"></td>
           
          </tr>
          <tr>
            <td>Password</td>
            <td><input name="upass" type="text" id="upass" size="50"></td>
           
          </tr>
          <tr>
            <td colspan="2"><div align="center"><a href="password.php">Forgotten your password?</a>|<a href="register.php">Register</a> </div></td>
         
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td><input type="submit" name="submit" value="Login"></td>
           
          </tr>
        </table>
      </form>
    <!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td><div align="center">Copyright 2005 </div></td>
  </tr>
</table>
</body>
<!-- InstanceEnd --></html>

This is for logout.php

<?
session_start();

if($_SESSION["status"]="logged") {
session_unset(); 
session_destroy();
header( "Location:login.php?reg=2" ); 
exit();
} 
else{ 
if ($_SESSION["status"]="not logged") {
//the session variable isn't registered, the user shouldn't even be on this page 
header( "Location:login.php" ); 
exit();
}
}
?>

And here is the password.php code

<?
include("fns.php");
include "config.php";
if(isset($_POST['Submit'])){
//1. Check if form fields are filled in
if(!filledin($_POST)){
header( "Location:Messages.php?msg=7" ); 
exit();
}
$name=$_POST['name'];
$em=$_POST['mail'];

//2. Check if entered name exist

$query="Select pw from user where uname='$name'" or die(mysql_error());
$result= mysql_query($query); 

if(mysql_num_rows($result)>0){
for ($i=0; $i<mysql_num_rows($result); $i++) {
$row = mysql_fetch_assoc($result);

$pass=$row['pw'];
$to="$em\r\n";
$from="From: Admin@jacquesnoah.co.uk\r\n";
$msg="Password:$pass\r\n";
$msg .="Username:$name\r\n";
$msg .="Please change your password as soon as you logon\r\n";
$subject="From Admin re:Your Login Password\r\n";
}
}else{
header( "Location:Messages.php?msg=8" ); 
exit();
}

//4. Send password to user
if(mail($to,$subject,$msg,$from)){
header( "Location:Messages.php?msg=9&email=<?php echo $em; ?>" ); 
exit();
//echo "Please click here to log";
}else{
header( "Location:Messages.php?msg=10"); 
exit();
}
}

?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/Auth.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<!-- InstanceBeginEditable name="doctitle" -->
<title>Recover Password</title>
<!-- InstanceEndEditable -->
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
<link href="styleLog.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="100%"  border="0" cellspacing="7" cellpadding="0">
  <tr class="temptitle">
    <td><!-- InstanceBeginEditable name="EditRegion4" -->Password Recovery <!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td><!-- InstanceBeginEditable name="EditRegion3" --><form name="form1" method="post" action="password.php">
   Please fill in the following:
   <br>
 <table width="445" border="0">
  <tr>
    <td width="187"><div align="left">Username</div></td>
    <td width="242"><input name="name" type="text" size="40"></td>
  </tr>
  <tr>
    <td><div align="left">Email <font color="#FF0000" size="2">(password will be sent here)</font> </div>      </td>
    <td><input name="mail" type="text" size="40"></td>
  </tr>
  <tr>
    <td> <input name="Submit" type="submit">      </td>
    <td></td>
  </tr>
</table>

</form> <!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td><div align="center">Copyright 2005 </div></td>
  </tr>
</table>
</body>
<!-- InstanceEnd --></html>

And ultimately the regitration code

<?php 
if(isset($_POST['Submit'])){
//NEED TO CHECK IF FIELDS ARE FILLED IN
if( empty($_POST['name']) && (empty($_POST['email']))){
header("Location:Messages.php?msg=3"); 
exit();
}
if( empty($_POST['pw1']) && (empty($_POST['pw2']))){
header( "Location:Messages.php?msg=4" ); 
exit();
}
$name=$_POST['name'];
$email=$_POST['email'];

$pw1=$_POST['pw1'];
$pw2=$_POST['pw2'];

if("$pw1" !== "$pw2"  ){
header( "Location:Messages.php?msg=5" ); 
exit();
}
$ip = $_SERVER['REMOTE_ADDR'];

//connect to the db server , check if uname exist
include('config.php');
$query=("Select * from user where uname='$name'");
$result= mysql_query($query); 
$num=mysql_num_rows($result);
if ($num > 0) {//Username already exist
header( "Location:Messages.php?msg=6" ); 
exit();
}else{
//if username does not exist insert user details
$query=( "INSERT INTO user (uname, pw,email,date_joined,ip,level) VALUES ('$name',password('$pw1'),'$email',NOW(),'$ip','Normal')");
if (@mysql_query ($query)) {
header("location:login.php?reg=1");
exit;
}
}
mysql_close();
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/Auth.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<!-- InstanceBeginEditable name="doctitle" -->
<title>Registration</title>
<!-- InstanceEndEditable -->
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
<link href="styleLog.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="100%"  border="0" cellspacing="7" cellpadding="0">
  <tr class="temptitle">
    <td><!-- InstanceBeginEditable name="EditRegion4" -->New User Registration <!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td><!-- InstanceBeginEditable name="EditRegion3" -->
	<form name="form1" action="register.php" method="post">
	<table width="657" border="0">
  <tr>
    <td width="122"><div align="left">Name</div></td>
    <td width="525"><input name="name" type="text" size="40"></td>
  </tr>
  <tr>
    <td><div align="left">Email</div></td>
    <td><input name="email" type="text" size="40"></td>
  </tr>
  <tr>
    <td><div align="left">Password</div></td>
    <td><input name="pw1" type="password" size="40"></td>
  </tr>
  <tr>
    <td ><div align="left">Confirm Password </div></td>
    <td><input name="pw2" type="password" size="40"></td>
  </tr>
  <tr>
    <td></td>
    <td> <input name="Submit" type="submit"></td>
  </tr>
</table>
  </form>
  <!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td><div align="center">Copyright 2005 </div></td>
  </tr>
</table>
</body>
<!-- InstanceEnd --></html>

I don't have problem editing the config.php file of this script but pointing my pre-built form to activate all these code is my headache.
Like I asked before that is it possible to have a pointer on my prebuilt form to activate this scripts?

Thanks to everyone who comes to my aid.

[CTphpnwb]

You're having problems because you're doing procedural code, and that is very difficult to keep organized. You really need to learn some OOP.

...and another thing. This is worse than useless:

$name=$_POST['name'];
$email=$_POST['email'];

because it encourages a security problem whereby you do this:

$query=("Select * from user where uname='$name'");

which puts user entered data directly into the query, opening you up to sql injection attacks.

[kollyshow]

CTphpnwb, on 05 June 2010 - 11:06 AM, said:

You're having problems because you're doing procedural code, and that is very difficult to keep organized. You really need to learn some OOP.

...and another thing. This is worse than useless:

$name=$_POST['name'];
$email=$_POST['email'];

because it encourages a security problem whereby you do this:

$query=("Select * from user where uname='$name'");

which puts user entered data directly into the query, opening you up to sql injection attacks.

Thanks so much.
But what do u mean by OOP?

[CTphpnwb]

http://www.dreaminco...nd-inheritance/

http://www.dreaminco...-encapsulation/

http://www.slideshar...ed-presentation

http://www.dreaminco...od-overloading/

http://www.dreaminco...ysql-using-oop/

[webpeater]

You sure do use header(location : ...) a lot. You should always try to use this as less as you can.

You save in $_SESSION['status'] = "logged" or "not logged"
Why not just $_SESSION['login_status'] = true or false ?

You use mysql_num_rows to get a number of rows, you better use as
$result = mysql_query("SELECT COUNT(*) AS nbRows ...")
$row = mysql_fetch_array($result);
echo 'I have '. $row['nbRows'] ' found with ..';


Looking to OOP programming is a good idea. But you should not move to fast.
You better first learn some basic HTML, since using Frontpage is not the way to go ..

This post has been edited by webpeater: 05 June 2010 - 12:58 PM

[kollyshow]

Webpeater thanks so much.
I know about HTML but not PHP. I am only trying to use the knowledge of HTML to work out the PHP stuff. So combining it and converting it is what the challenge is all about. But can anyone suggest the best tutorial I can lay my hands on for PHP?

[webpeater]

kollyshow, on 07 June 2010 - 10:33 AM, said:

Webpeater thanks so much.
I know about HTML but not PHP. I am only trying to use the knowledge of HTML to work out the PHP stuff. So combining it and converting it is what the challenge is all about. But can anyone suggest the best tutorial I can lay my hands on for PHP?

Easy start guide

[EnvXOwner]

CTphpnwb, on 05 June 2010 - 12:37 PM, said:

That's not valid html. You're outputting information before the html tags. That's not going to pass a validation test.

It's not an HTML document. It's a PHP document. You can do it like that.

[webpeater]

VB.Terry, on 07 June 2010 - 07:21 PM, said:

CTphpnwb, on 05 June 2010 - 12:37 PM, said:

That's not valid html. You're outputting information before the html tags. That's not going to pass a validation test.

It's not an HTML document. It's a PHP document. You can do it like that.

What do you mean ?
PHP outputs (most of the time) HTML, this HTML can be valid or unvalid, doesn't it ?

[CTphpnwb]

VB.Terry, on 07 June 2010 - 02:21 PM, said:

CTphpnwb, on 05 June 2010 - 12:37 PM, said:

That's not valid html. You're outputting information before the html tags. That's not going to pass a validation test.

It's not an HTML document. It's a PHP document. You can do it like that.

PHP produces HTML, and the HTML that your PHP produces is invalid. I gave you the link to test it. If you do and it doesn't show errors, let us know.