10 Replies - 3599 Views - Last Post: 15 February 2013 - 11:51 AM

#1 teamsilvamma  Icon User is offline

  • D.I.C Head

Reputation: -2
  • View blog
  • Posts: 153
  • Joined: 17-January 12

login in form

Posted 15 February 2013 - 06:17 AM

Not sure if I am in the right forum. But, I'm having trouble trying to set up a login and register form. I'm building an HTML/CSS site but I want to run a Login in form in it. I have the files made in php, but when I tried to call the login.php from the action button in the form it downloads it instead.

I have a few files and a lot of lines of code. And I know some of you are going to post things like check the cs3 site or something useless. So, if you want to really help me, I can IM them to you or send them through email.

Please only serious helpers respond, if you are not serious, simply ignore and move on. I've been messing around with this for almost a year and can't get it to work.

Thank you.

Is This A Good Question/Topic? 0
  • +

Replies To: login in form

#2 no2pencil  Icon User is offline

  • Toubabo Koomi
  • member icon

Reputation: 5234
  • View blog
  • Posts: 27,024
  • Joined: 10-May 07

Re: login in form

Posted 15 February 2013 - 06:25 AM

We are not going to help you over IM. Please post the relevant code, such as the php handle of the login. It is not a matter of us being serious or not. The purpose of Dream In Code is to provide help that allows others to research & understand. If we help you over IM, then that does not achieve our goal as a programming community.

We are more than happy to help, but if you truly understand your code you have spent a year writing, then there is no reason you could not post the few inputs from html, & the few lines of code in php that gather & validate those credentials.

** Moved to PHP **
Was This Post Helpful? 0
  • +
  • -

#3 andrewsw  Icon User is offline

  • Fire giant boob nipple gun!
  • member icon

Reputation: 3333
  • View blog
  • Posts: 11,296
  • Joined: 12-December 12

Re: login in form

Posted 15 February 2013 - 06:38 AM

Quote

but when I tried to call the login.php from the action button in the form it downloads it instead.

If it downloads the PHP script then it means that you are not running a web-server to serve the pages. Look into the Apache stack: XAMPP, or WAMP.

You cannot open a PHP page in the same way that you can a simple HTML page - any/all PHP tutorials will have told you this.
Was This Post Helpful? 0
  • +
  • -

#4 no2pencil  Icon User is offline

  • Toubabo Koomi
  • member icon

Reputation: 5234
  • View blog
  • Posts: 27,024
  • Joined: 10-May 07

Re: login in form

Posted 15 February 2013 - 06:40 AM

Nice catch andrewsw, somehow I missed that text.

** moving to webservers & hosting **
Was This Post Helpful? 0
  • +
  • -

#5 teamsilvamma  Icon User is offline

  • D.I.C Head

Reputation: -2
  • View blog
  • Posts: 153
  • Joined: 17-January 12

Re: login in form

Posted 15 February 2013 - 06:50 AM

That would make sense actually, I had someone test my files and said they worked fine, but I was confused because they don't when I try. ...so you are saying they will only work when the site is live?
Was This Post Helpful? -1
  • +
  • -

#6 no2pencil  Icon User is offline

  • Toubabo Koomi
  • member icon

Reputation: 5234
  • View blog
  • Posts: 27,024
  • Joined: 10-May 07

Re: login in form

Posted 15 February 2013 - 06:52 AM

View Postteamsilvamma, on 15 February 2013 - 08:50 AM, said:

...so you are saying they will only work when the site is live?

They can only be executed on a server running php.
Was This Post Helpful? 0
  • +
  • -

#7 teamsilvamma  Icon User is offline

  • D.I.C Head

Reputation: -2
  • View blog
  • Posts: 153
  • Joined: 17-January 12

Re: login in form

Posted 15 February 2013 - 06:54 AM

Here are the files anyway, if you want to take a crack at them.

Ok, here they are

<form action="index/login-form.php" method="post" id="login-form">
                <fieldset>
					<span class="text">
						<input type="text" value="Username" onfocus="if(this.value=='Username'){this.value=''}" onblur="if(this.value==''){this.value='Username'}"/>
					</span>
					<span class="text">
						<input type="password" value="Password" onfocus="if(this.value=='Password'){this.value=''}" onblur="if(this.value==''){this.value='Password'}"/>
					</span>
					<a href="login/login-form.php" class="login" onclick="document.getElementById('login-form').submit()"><span><span>Login</span></span></a>
					<span class="links"><a href="#">Forgot Password?</a><br/><a href="login/register-form.php">Register</a></span>
				</fieldset>
			</form>


Register success
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Registration Successful</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Registration Successful</h1>
<p><a href="login-form.php">Click here</a> to login to your account.</p>
</body>
</html>



Register form
<?php
	session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login Form</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<?php
	if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
		echo '<ul class="err">';
		foreach($_SESSION['ERRMSG_ARR'] as $msg) {
			echo '<li>',$msg,'</li>'; 
		}
		echo '</ul>';
		unset($_SESSION['ERRMSG_ARR']);
	}
?>
<form id="loginForm" name="loginForm" method="post" action="register-exec.php">
  <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
    <tr>
      <th>First Name </th>
      <td><input name="fname" type="text" class="textfield" id="fname" /></td>
    </tr>
    <tr>
      <th>Last Name </th>
      <td><input name="lname" type="text" class="textfield" id="lname" /></td>
    </tr>
    <tr>
      <th width="124">Login</th>
      <td width="168"><input name="login" type="text" class="textfield" id="login" /></td>
    </tr>
    <tr>
      <th>Password</th>
      <td><input name="password" type="password" class="textfield" id="password" /></td>
    </tr>
    <tr>
      <th>Confirm Password </th>
      <td><input name="cpassword" type="password" class="textfield" id="cpassword" /></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Register" /></td>
    </tr>
  </table>
</form>
</body>
</html>



Register exec
<?php
	//Start session
	session_start();
	
	//Include database connection details
	require_once('config.php');
	
	//Array to store validation errors
	$errmsg_arr = array();
	
	//Validation error flag
	$errflag = false;
	
	//Connect to mysql server
	$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
	if(!$link) {
		die('Failed to connect to server: ' . mysql_error());
	}
	
	//Select database
	$db = mysql_select_db(DB_DATABASE);
	if(!$db) {
		die("Unable to select database");
	}
	
	//Function to sanitize values received from the form. Prevents SQL injection
	function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
			$str = stripslashes($str);
		}
		return mysql_real_escape_string($str);
	}
	
	//Sanitize the POST values
	$fname = clean($_POST['fname']);
	$lname = clean($_POST['lname']);
	$login = clean($_POST['login']);
	$password = clean($_POST['password']);
	$cpassword = clean($_POST['cpassword']);
	
	//Input Validations
	if($fname == '') {
		$errmsg_arr[] = 'First name missing';
		$errflag = true;
	}
	if($lname == '') {
		$errmsg_arr[] = 'Last name missing';
		$errflag = true;
	}
	if($login == '') {
		$errmsg_arr[] = 'Login ID missing';
		$errflag = true;
	}
	if($password == '') {
		$errmsg_arr[] = 'Password missing';
		$errflag = true;
	}
	if($cpassword == '') {
		$errmsg_arr[] = 'Confirm password missing';
		$errflag = true;
	}
	if( strcmp($password, $cpassword) != 0 ) {
		$errmsg_arr[] = 'Passwords do not match';
		$errflag = true;
	}
	
	//Check for duplicate login ID
	if($login != '') {
		$qry = "SELECT * FROM members WHERE login='$login'";
		$result = mysql_query($qry);
		if($result) {
			if(mysql_num_rows($result) > 0) {
				$errmsg_arr[] = 'Login ID already in use';
				$errflag = true;
			}
			@mysql_free_result($result);
		}
		else {
			die("Query failed");
		}
	}
	
	//If there are input validations, redirect back to the registration form
	if($errflag) {
		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
		session_write_close();
		header("location: register-form.php");
		exit();
	}

	//Create INSERT query
	$qry = "INSERT INTO members(firstname, lastname, login, passwd) VALUES('$fname','$lname','$login','".md5($_POST['password'])."')";
	$result = @mysql_query($qry);
	
	//Check whether the query was successful or not
	if($result) {
		header("location: register-success.php");
		exit();
	}else {
		die("Query failed");
	}
?>


sql file
#
# Table structure for table 'members'
#

CREATE TABLE `members` (
  `member_id` int(11) unsigned NOT NULL auto_increment,
  `firstname` varchar(100) default NULL,
  `lastname` varchar(100) default NULL,
  `login` varchar(100) NOT NULL default '',
  `passwd` varchar(32) NOT NULL default '',
  PRIMARY KEY  (`member_id`)
) TYPE=MyISAM;



#
# Dumping data for table 'members'
#

INSERT INTO `members` (`member_id`, `firstname`, `lastname`, `login`, `passwd`) VALUES("1", "Jatinder", "Thind", "phpsense", "ba018360fc26e0cc2e929b8e071f052d");



member profile
<?php
	require_once('auth.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>My Profile</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>My Profile </h1>
<a href="member-index.php">Home</a> | <a href="logout.php">Logout</a>
<p>This is another secure page. </p>
</body>
</html>



member index
<?php
	require_once('auth.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Member Index</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Welcome <?php echo $_SESSION['SESS_FIRST_NAME'];?></h1>
<a href="member-profile.php">My Profile</a> | <a href="logout.php">Logout</a>
<p>This is a password protected area only accessible to members. </p>
</body>
</html>



logout
<?php
	//Start session
	session_start();
	
	//Unset the variables stored in session
	unset($_SESSION['SESS_MEMBER_ID']);
	unset($_SESSION['SESS_FIRST_NAME']);
	unset($_SESSION['SESS_LAST_NAME']);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Logged Out</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Logout </h1>
<p align="center">&nbsp;</p>
<h4 align="center" class="err">You have been logged out.</h4>
<p align="center">Click here to <a href="login-form.php">Login</a></p>
</body>
</html>


login form
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login Form</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<p>&nbsp;</p>
<form id="loginForm" name="loginForm" method="post" action="login-exec.php">
  <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
    <tr>
      <td width="112"><b>Login</b></td>
      <td width="188"><input name="login" type="text" class="textfield" id="login" /></td>
    </tr>
    <tr>
      <td><b>Password</b></td>
      <td><input name="password" type="password" class="textfield" id="password" /></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Login" /></td>
    </tr>
  </table>
</form>
</body>
</html>



login-failed
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login Failed</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Login Failed </h1>
<p align="center">&nbsp;</p>
<h4 align="center" class="err">Login Failed!<br />
  Please check your username and password</h4>
</body>
</html>



login-exec
<?php
	//Start session
	session_start();
	
	//Include database connection details
	require_once('config.php');
	
	//Array to store validation errors
	$errmsg_arr = array();
	
	//Validation error flag
	$errflag = false;
	
	//Connect to mysql server
	$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
	if(!$link) {
		die('Failed to connect to server: ' . mysql_error());
	}
	
	//Select database
	$db = mysql_select_db(DB_DATABASE);
	if(!$db) {
		die("Unable to select database");
	}
	
	//Function to sanitize values received from the form. Prevents SQL injection
	function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
			$str = stripslashes($str);
		}
		return mysql_real_escape_string($str);
	}
	
	//Sanitize the POST values
	$login = clean($_POST['login']);
	$password = clean($_POST['password']);
	
	//Input Validations
	if($login == '') {
		$errmsg_arr[] = 'Login ID missing';
		$errflag = true;
	}
	if($password == '') {
		$errmsg_arr[] = 'Password missing';
		$errflag = true;
	}
	
	//If there are input validations, redirect back to the login form
	if($errflag) {
		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
		session_write_close();
		header("location: login-form.php");
		exit();
	}
	
	//Create query
	$qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";
	$result=mysql_query($qry);
	
	//Check whether the query was successful or not
	if($result) {
		if(mysql_num_rows($result) == 1) {
			//Login Successful
			session_regenerate_id();
			$member = mysql_fetch_assoc($result);
			$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
			$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
			$_SESSION['SESS_LAST_NAME'] = $member['lastname'];
			session_write_close();
			header("location: member-index.php");
			exit();
		}else {
			//Login failed
			header("location: login-failed.php");
			exit();
		}
	}else {
		die("Query failed");
	}
?>


config
<?php
	define('DB_HOST', 'localhost');
    define('DB_USER', 'username');
    define('DB_PASSWORD', 'password');
    define('DB_DATABASE', 'members');
?>


authorization
<?php
	//Start session
	session_start();
	
	//Check whether the session variable SESS_MEMBER_ID is present or not
	if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
		header("location: access-denied.php");
		exit();
	}
?>


acess denied
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Access Denied</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Access Denied </h1>
<p align="center">&nbsp;</p>
<h4 align="center" class="err">Access Denied!<br />
  You do not have access to this resource.</h4>
</body>
</html>



ooops, I made a typo calling the form. is not index/login.php....its..login/login.php

I just made that typo copying and pasting. That is not in my code
Was This Post Helpful? 0
  • +
  • -

#8 teamsilvamma  Icon User is offline

  • D.I.C Head

Reputation: -2
  • View blog
  • Posts: 153
  • Joined: 17-January 12

Re: login in form

Posted 15 February 2013 - 07:18 AM

Ok, I'm getting closer. I am getting this when I try to log in or set up an account

"Failed to connect to server: Access denied for user 'lotusadmin'@'localhost' (using password: YES)"

Is it because I have to define the host in the config file? If that is the case, how do I find that information? is it their url, proxy, dns address,...?
Was This Post Helpful? 0
  • +
  • -

#9 andrewsw  Icon User is offline

  • Fire giant boob nipple gun!
  • member icon

Reputation: 3333
  • View blog
  • Posts: 11,296
  • Joined: 12-December 12

Re: login in form

Posted 15 February 2013 - 11:37 AM

View Postteamsilvamma, on 15 February 2013 - 06:50 AM, said:

That would make sense actually, I had someone test my files and said they worked fine, but I was confused because they don't when I try. ...so you are saying they will only work when the site is live?

You can test your site locally if you install one of the XAMPP, WAMP or LAMP stacks, as I mentioned already; there are others as well. I haven't provided links as you can find them easily through Google or another search engine :)

I find it extremely hard to believe that you "spent a year messing around" and haven't come across these terms. If you picked up a book, or went through a short tutorial, you are bound to come across these terms.
Was This Post Helpful? 0
  • +
  • -

#10 teamsilvamma  Icon User is offline

  • D.I.C Head

Reputation: -2
  • View blog
  • Posts: 153
  • Joined: 17-January 12

Re: login in form

Posted 15 February 2013 - 11:47 AM

View Postandrewsw, on 15 February 2013 - 01:37 PM, said:

View Postteamsilvamma, on 15 February 2013 - 06:50 AM, said:

That would make sense actually, I had someone test my files and said they worked fine, but I was confused because they don't when I try. ...so you are saying they will only work when the site is live?

You can test your site locally if you install one of the XAMPP, WAMP or LAMP stacks, as I mentioned already; there are others as well. I haven't provided links as you can find them easily through Google or another search engine :)/>

I find it extremely hard to believe that you "spent a year messing around" and haven't come across these terms. If you picked up a book, or went through a short tutorial, you are bound to come across these terms.

A year on and off. I mean, having a members area is something I wanted, but not needed. Whenever I came across things I knew I didn't know right off the bat, I left it alone.

On a good note, I contacted the host and they examined my files and explained what happened. It was the connection settings in the config.php file

Thanks tho. I will look into this you're talking about
Was This Post Helpful? 0
  • +
  • -

#11 andrewsw  Icon User is offline

  • Fire giant boob nipple gun!
  • member icon

Reputation: 3333
  • View blog
  • Posts: 11,296
  • Joined: 12-December 12

Re: login in form

Posted 15 February 2013 - 11:51 AM

View Postteamsilvamma, on 15 February 2013 - 11:47 AM, said:

A year on and off. I mean, having a members area is something I wanted, but not needed. Whenever I came across things I knew I didn't know right off the bat, I left it alone.

That's more like it..

XAMPP
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1