Web Login

Login script?

  • (2 Pages)
  • +
  • 1
  • 2

16 Replies - 3315 Views - Last Post: 19 December 2007 - 01:18 PM Rate Topic: -----

#1 matthewhaigh  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 19
  • Joined: 20-September 07

Web Login

Post icon  Posted 12 November 2007 - 02:39 PM

Right i was wanting to know how i could built a login script that

1. validates a username and pass with a database
2. if correct directs to the relevant page for that username, (each username would have its own page)

any help would be appriciated, im new to this....

thanks mat
Is This A Good Question/Topic? 0
  • +

Replies To: Web Login

#2 girasquid  Icon User is offline

  • Barbarbar
  • member icon

Reputation: 108
  • View blog
  • Posts: 1,825
  • Joined: 03-October 06

Re: Web Login

Posted 12 November 2007 - 02:43 PM

If you're going to build a script like that, you'll need to learn some sort of server-side language - like Perl, PHP, ASP.Net, or others.

You'll need to figure out how to store the information for a users username and password. The two most common options are flat files and databases; both have advantages and disadvantages, although databases are much more commonly used.
Was This Post Helpful? 0
  • +
  • -

#3 matthewhaigh  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 19
  • Joined: 20-September 07

Re: Web Login

Posted 12 November 2007 - 02:46 PM

View Postgirasquid, on 12 Nov, 2007 - 02:43 PM, said:

If you're going to build a script like that, you'll need to learn some sort of server-side language - like Perl, PHP, ASP.Net, or others.

You'll need to figure out how to store the information for a users username and password. The two most common options are flat files and databases; both have advantages and disadvantages, although databases are much more commonly used.

which SSL wolud you recomend?
Was This Post Helpful? 0
  • +
  • -

#4 PsychoCoder  Icon User is offline

  • Google.Sucks.Init(true);
  • member icon

Reputation: 1642
  • View blog
  • Posts: 19,853
  • Joined: 26-July 07

Re: Web Login

Posted 12 November 2007 - 02:52 PM

Verisign is pretty much the industry defacto when it comes to SSL, but they're also the most expensive. You can go here to find more possibilities :)
Was This Post Helpful? 0
  • +
  • -

#5 matthewhaigh  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 19
  • Joined: 20-September 07

Re: Web Login

Posted 12 November 2007 - 02:55 PM

View PostPsychoCoder, on 12 Nov, 2007 - 02:52 PM, said:

Verisign is pretty much the industry defacto when it comes to SSL, but they're also the most expensive. You can go here to find more possibilities :)

cheers

allthough it doesnt need to be super secure its just a project for one of my websites, im just lookin how it could possibly be achived, ive heard a lot about php
Was This Post Helpful? 0
  • +
  • -

#6 PsychoCoder  Icon User is offline

  • Google.Sucks.Init(true);
  • member icon

Reputation: 1642
  • View blog
  • Posts: 19,853
  • Joined: 26-July 07

Re: Web Login

Posted 12 November 2007 - 02:57 PM

Well PHP is a language to programming what you're looking for, SSL is Secure Socket Layer, which is a secure certificate (URL's that start with https:// rather than http://), so they are 2 completely different beasts.
Was This Post Helpful? 0
  • +
  • -

#7 matthewhaigh  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 19
  • Joined: 20-September 07

Re: Web Login

Posted 12 November 2007 - 03:05 PM

View PostPsychoCoder, on 12 Nov, 2007 - 02:57 PM, said:

Well PHP is a language to programming what you're looking for, SSL is Secure Socket Layer, which is a secure certificate (URL's that start with https:// rather than http://), so they are 2 completely different beasts.

oh sorry i just relised by ssl i was referring to server sided languages, cheers ill give php a go then , just one question can you use access databases with it?
Was This Post Helpful? 0
  • +
  • -

#8 axel  Icon User is offline

  • Bug Juice Doesn't Come in a Jar
  • member icon

Reputation: 2
  • View blog
  • Posts: 1,944
  • Joined: 31-December 06

Re: Web Login

Posted 13 November 2007 - 07:18 AM

PHP is probably the more popular choice.
Was This Post Helpful? 0
  • +
  • -

#9 matthewhaigh  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 19
  • Joined: 20-September 07

Re: Web Login

Posted 13 November 2007 - 01:46 PM

View Postaxel, on 13 Nov, 2007 - 07:18 AM, said:

PHP is probably the more popular choice.

yera, so do you have amy ideas for the code?
Was This Post Helpful? 0
  • +
  • -

#10 Thorian  Icon User is offline

  • Pirate Medic
  • member icon

Reputation: 22
  • View blog
  • Posts: 5,904
  • Joined: 06-June 02

Re: Web Login

Posted 14 November 2007 - 11:43 AM

Tell ya what I am going to move this over to the PHP section, Someone may be able to better able to assist. you there
Was This Post Helpful? 0
  • +
  • -

#11 PsychoCoder  Icon User is offline

  • Google.Sucks.Init(true);
  • member icon

Reputation: 1642
  • View blog
  • Posts: 19,853
  • Joined: 26-July 07

Re: Web Login

Posted 14 November 2007 - 11:48 AM

Heres a snippet I write on logging in in PHP and implementing sessions. The part about logging in just might be enough to get you started :)
Was This Post Helpful? 0
  • +
  • -

#12 matthewhaigh  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 19
  • Joined: 20-September 07

Re: Web Login

Posted 16 November 2007 - 06:11 AM

View PostPsychoCoder, on 14 Nov, 2007 - 11:48 AM, said:

Heres a snippet I write on logging in in PHP and implementing sessions. The part about logging in just might be enough to get you started :)


Thanks,

ill take a look
Was This Post Helpful? 0
  • +
  • -

#13 blux  Icon User is offline

  • New D.I.C Head

Reputation: 1
  • View blog
  • Posts: 22
  • Joined: 07-August 07

Re: Web Login

Posted 20 November 2007 - 10:56 AM

Quote

oh sorry i just relised by ssl i was referring to server sided languages, cheers ill give php a go then , just one question can you use access databases with it?


I'm sorry but you are mistaken, SSL means Secure Socket Layer
Was This Post Helpful? 0
  • +
  • -

#14 c0mrade  Icon User is offline

  • D.I.C Regular

Reputation: 20
  • View blog
  • Posts: 412
  • Joined: 16-November 07

Re: Web Login

Posted 18 December 2007 - 08:25 PM

View PostPsychoCoder, on 14 Nov, 2007 - 11:48 AM, said:

Heres a snippet I write on logging in in PHP and implementing sessions. The part about logging in just might be enough to get you started :)


thanks, ive been looking for a login solution too, this code looks nice. Im going through it at the moment, hope i can build the rest...

i found this script on codango (www.codango.com), there was no description saying how to use it, but it appears to be complete, and its some pretty coding :)

<? 
class db { 
	 
	var $db_type; 
	var $db_server; 
	var $db_name; 
	var $db_user; 
	var $db_pass; 
	var $db_persistent; 
	var $dbh; 
	 
	function db() { 
		 
	 
		$this->db_type = 1; 
		$this->db_server = 'localhost'; 
		$this->db_name = 'db'; 
		$this->db_user = 'user'; 
		$this->db_pass = 'pass'; 
		$this->db_persistent = 0; 
				$this->db_connect(); 
		 
	} //end constructor 
	 
	function db_connect () { 
		 
		// mySQL  
		if($this->db_type == 1) { 
			if ($this->db_persistent) 
				$this->dbh = @mysql_pconnect($this->db_server, $this->db_user, $this->db_pass); 
			else 
				$this->dbh = @mysql_connect($this->db_server, $this->db_user, $this->db_pass); 

			if (!$this->dbh) { 
				printf("Error: Connection to MySQL server '%s' failed.<BR>\n", $this->db_server); 
				return; 
			} 

			if (!@mysql_select_db($this->db_name, $this->dbh)) { 
				printf("Error: Connection to MySQL database '%s' failed.<BR>\n>%s: %s<BR>\n", $this->db_name, @mysql_errno($this->dbh), @mysql_error($this->dbh)); 
				return; 
			} 
		} 
		//end mySQL 
	} //end db_connect() 
	 
	function db_query ($query) { 
		 
		// mySQL  
		if($this->db_type == 1) { 
			$result = mysql_query($query, $this->dbh) 
				or die ("Error: A problem was encountered while executing this query."); 
			 
			return $result; 
		} 
		//end mySQL 
	} //end db_query() 
	 
	function db_numrows ($result) { 
		 
		switch($this->db_type) { 
			case 1: //mySQL 
				return mysql_num_rows($result); 
		 
		} //end switch 
	} // end db_numrows() 
	 
	function db_fetch_array (&$result) { 
		 
		switch($this->db_type) { 
			case 1: //mySQL 
				return mysql_fetch_array($result); 
		} //end switch 
	} //end db_fetch_array() 
	 
			 
} //end class db 

class authenticate { 
	 
	var $db; 
	var $salt; 
	 
	function authenticate() { 
		 
		 
		$this->db = new db; 
		$this->salt = 'a552avf1ss'; 
		 
		 
	} //end constructor 

	 
	function login($uname, $pword) { 
		 
		$query = "SELECT username FROM users WHERE username = '" . $uname . "' AND password = '" . crypt($pword, $this->salt) . "'"; 
		$result = $this->db->db_query($query); 
		if($this->db->db_numrows($result) > 0) { 
			$secret = crypt($uname,$this->salt); 
			setcookie("mysite", "$uname:$secret");			 
			return 1; 
		} else { 
			return 0; 
		} 
	} //end login() 
	 
	function createUser($uname,$pword,$email) { 
		srand(make_seed()); 
		$randval = rand(); 
		$query = "INSERT authorize(username,password,accesslevel,email,id) VALUES ('" . $uname . "','" . crypt($pword,$this->salt) . "',0,'" . $email ."','" . $randval . "')"; 
		$result = $this->db->db_query($query); 
		$message = "This message has been sent to you because you requested a login for mysite.com.\n\n"; 
		$message .= "Please use the following URL to verify your email address and be added to the userlist.\n\n"; 
		$message .= "http://mysite.com/newuser.php?email=" . $email . "&id=" . $randval . "\n\n"; 
		$message .= "Please note that if you have recieved this message in error, or you do not want to sign up, you do not need to do anything.\nYou will not be added to the listing unless you use the proceeding URL.\n\n"; 
		$message .= "Thanks for visiting our site!\n"; 
		mail($email, "mysite.com - account confirmation", $message, "From: register@mysite.com"); 
		 
	} 
	 
	function checkUsername($uname) { 
		$query = "SELECT * FROM users where username='" . $uname ."'"; 
		$result = $this->db->db_query($query); 
		if($this->db->db_numrows($result) > 0) {			 
			return 0; 
		} else { 
			return 1; 
		} 
	} 
	 
	function validateUser($email,$id) { 
		$query = "SELECT * FROM authorize WHERE email='" . $email . "' AND id='" . $id ."'"; 
		$result = $this->db->db_query($query); 
		if($this->db->db_numrows($result) > 0) { 
			$row = $this->db->db_fetch_array($result); 
			$query = "INSERT users(user_id,username,password,accesslevel,email) VALUES ('','" . $row['username'] . "','" . $row['password'] . "',1,'" . $row['email'] ."')"; 
			$result = $this->db->db_query($query); 
			$query = "SELECT user_id FROM users WHERE username='" . $row['username'] ."'"; 
			$result = $this->db->db_query($query); 
			$row = $this->db->db_fetch_array($result); 
			$query = "DELETE FROM authorize WHERE id='" . $id ."'"; 
			$result = $this->db->db_query($query); 
			return 1; 
		} else { 
			return 0; 
		} 
	} 
	 
	function logout() { 
		 
		setcookie("mysite"); 
	} //end logout() 
	 
	function checkLogin() { 
		global $HTTP_COOKIE_VARS; 

		$array = explode(":", $HTTP_COOKIE_VARS['mysite']); 
		if(crypt($array[0], $this->salt) == $array[1]) { 
			return 1; 
		} else { 
			return 0; 
		} 
	} //end checkLogin() 
	 
	function getName() { 
		global $HTTP_COOKIE_VARS; 
		$array = explode(":", $HTTP_COOKIE_VARS['mysite']); 
		return $array[0]; 
	} 
	 
	function getLevel() { 
		$logged = $this->checkLogin(); 
		if($logged) { 
			$username = $this->getName(); 
			$query = "SELECT accesslevel FROM users WHERE username='" . $username . "'"; 
			$result = $this->db->db_query($query); 
			$row = $this->db->db_fetch_array($result); 
			return $row['accesslevel']; 
		} else { 
			return 0; 
		} 
	} 
	 
	function getID() { 
		$logged = $this->checkLogin(); 
		if($logged) { 
			$username = $this->getName(); 
			$query = "SELECT user_id FROM users WHERE username='" . $username . "'"; 
			$result = $this->db->db_query($query); 
			$row = $this->db->db_fetch_array($result); 
			return $row['user_id']; 
		} else { 
			return 0; 
		} 
	} 
	 
		 
} //end class authenticate 
?> 
####table structures 
CREATE TABLE authorize ( 
  username varchar(15) NOT NULL default '', 
  password varchar(20) NOT NULL default '', 
  accesslevel tinyint(4) NOT NULL default '0', 
  email varchar(30) NOT NULL default '', 
  id varchar(30) NOT NULL default '', 
  PRIMARY KEY  (username) 
) TYPE=MyISAM; 
CREATE TABLE users ( 
  user_id int(10) unsigned NOT NULL auto_increment, 
  username varchar(15) NOT NULL default '', 
  password varchar(20) NOT NULL default '', 
  accesslevel tinyint(4) NOT NULL default '0', 
  email varchar(30) NOT NULL default '', 
  PRIMARY KEY  (username), 
  KEY user_id (user_id) 
) TYPE=MyISAM; 



if someone could explain that id really appreciate it
Was This Post Helpful? 0
  • +
  • -

#15 Jody LeCompte  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 57
  • Joined: 22-September 07

Re: Web Login

Posted 18 December 2007 - 11:27 PM

The first class(db) is simply an organized collection of database related classes. It's the same as using the mysql_* functions included in PHP but most people these days tend to write an external class to save time in handling database interaction there own way. For instance, I'm real big about completely controlling error output and debug information so I use a database class rather than just the PHP functions.

Your involvement with the database class ends with simply changing the configuration to match your server.
		$this->db_type = 1; // Leave as 1
		$this->db_server = 'localhost'; // MySQL server almost always localhost
		$this->db_name = 'db'; //Your database name
		$this->db_user = 'user'; //Your database username
		$this->db_pass = 'pass'; //Your database password
		$this->db_persistent = 0; //Persistent connections are suposedly faster if your server has them turned on
 


The authentication class is where your attention should be focused, each function has it's own paritcular purpose but you you should notice(assuming your new to programming) is that it's not a stand alone membership application, just a library. You still have to code your HTML pages and handle information.

CREATE TABLE authorize (
  username varchar(15) NOT NULL default '',
  password varchar(20) NOT NULL default '',
  accesslevel tinyint(4) NOT NULL default '0',
  email varchar(30) NOT NULL default '',
  id varchar(30) NOT NULL default '',
  PRIMARY KEY  (username)
) TYPE=MyISAM;
CREATE TABLE users (
  user_id int(10) unsigned NOT NULL auto_increment,
  username varchar(15) NOT NULL default '',
  password varchar(20) NOT NULL default '',
  accesslevel tinyint(4) NOT NULL default '0',
  email varchar(30) NOT NULL default '',
  PRIMARY KEY  (username),
  KEY user_id (user_id)
) TYPE=MyISAM; 

This is the SQL dump for the database, you would simply enter that into your MySQL interface, most php developers favor phpMyadmin.

createUser() is the function you want to use to create your members obviously, login() and logout() are also just as self explanatory. You really just have to create a few forms and then pluck the functions into use.

validateUser() is the function that validates the user account once they have checked their email and clicked the link sent by the createUser function.

getLevel(), getId(), and getName() are all functions that retrieve user information post-login which is where you want to look after logging in and going along the way to create your user specific pages.

Finally, checkLogin is just a function to check if the user is logged in, Im assuming intended to be used at the begining of any "members only" page.

That said, I wouldn't use this script for more than learning purposes. Just by glancing at it, I as well as many other people around DIC, will be able to tell you it has many poor coding practices, and poor security. Not to mention the use of $HTTP_* globals inplies it was actually written on a very old version of PHP.

Even still, you never did actually mention your ability with PHP, if you are new to the language I would actually consider finding another membership script to play around with as Object Oriented programming is actually a more advanced feature of PHP and will probably only to serve to throw you off in your development as a PHP programmer.

I recommend finding something over at hotscripts.com:
http://www.hotscript...tion/index.html
Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2