Member login area

  • (2 Pages)
  • +
  • 1
  • 2

16 Replies - 478 Views - Last Post: 04 December 2017 - 05:53 PM Rate Topic: -----

#1 dag72  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 205
  • Joined: 02-March 11

Member login area

Posted 02 December 2017 - 04:15 PM

Hi i'm creating a simple member login area for registered member only to view who can then update their account details. I have created a sign up and login script. But when member signed up and login they all login to the same area. Please see my member area code below and advise me on how i could improve this so when someone become a member they will only have their own and can only be viewed if they are login.

<?php
include_once('connect.php');
error_reporting(E_ALL ^ E_NOTICE);
session_start();
$username = $_SESSION['username'];
?>
<!DOCTYPE html>

<html>
<head>

<title>Tip Top Music</title>
<link rel="stylesheet" type="text/css" href="css/layout.css"/>
<link rel="stylesheet" type="text/css" href="css/menu.css"/>
</head>

<body>
<div id ="main"> <!--start of main div-->
<div id ="header"></div>

<div id ="nav_Bar">
	<nav>
		<ul>		
			<li><a href="index.html">Home</a></li>
			<li><a href="about.html">About Us</a></li>
			<li><a href="login.php">Members Login</a></li>
			<li><a href="registration.php">Sign Up</a></li>
			<li><a href="contact.php">Contact Us</a></li>
			<li><a href="logout.php">Logout</a></li>
	
		</ul>
	</nav>
		

</div>
<div id ="content">
<div id ="content-heading">
<h1>Members Only Area</h1>

</div>
<b><p>Welcome <code><?=$_SESSION['Username']?></code> you are logged in with:
<code><?=$_SESSION['email']?></code>.</p></b>

<div id ="content-left">
<input type="button" onclick="location.href='edit.php';" value="Edit Record" />
<p>This is your members area, we have selected a video and hope you will enjoy it. Please feel free to customise this area to suit your own taste - select videos and create playlist.</p>

<input type="button" onclick="location.href='sql.php';" value="Create Playlist" />
</div>
<div id = "content-right"><!--start of right content div-->
<iframe width="677" height="345" src="https://www.youtube.com/embed/XGSy3_Czz8k?autoplay=1">
</iframe>
</div> <!--end-->
</div>
<div id ="footer">
<p>&copy; 2017</a>
</div>
</div> <!--end of main div-->
</body>
</html>





Is This A Good Question/Topic? 0
  • +

Replies To: Member login area

#2 andrewsw  Icon User is offline

  • blow up my boots
  • member icon

Reputation: 6445
  • View blog
  • Posts: 26,066
  • Joined: 12-December 12

Re: Member login area

Posted 02 December 2017 - 05:05 PM

Quote

Please see my member area code below

Where? There is barely any PHP in that code.
Was This Post Helpful? 0
  • +
  • -

#3 dag72  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 205
  • Joined: 02-March 11

Re: Member login area

Posted 02 December 2017 - 05:47 PM

Thanks for the reply, perhaps this where i'm goin wrong, not sure how much more code to include or what for that matter, hence my post for some guidance.
Was This Post Helpful? 0
  • +
  • -

#4 andrewsw  Icon User is offline

  • blow up my boots
  • member icon

Reputation: 6445
  • View blog
  • Posts: 26,066
  • Joined: 12-December 12

Re: Member login area

Posted 03 December 2017 - 02:40 AM

With or without code, you need to provide a clear question. Once you provide this question it will be clearer what code would be relevant to show.

I don't understand what you are asking, but a vague response is that you would check the user's login status for relevant pages, before redirecting if they aren't logged in with appropriate membership. This can be combined with hiding non-accessible links.

More often, the login status is rechecked for every page, so that the appropriate login or logout button (and the username) can be shown throughout, along with relevant content. I'm sure you recognise this behaviour from sites that you frequent.
Was This Post Helpful? 0
  • +
  • -

#5 dag72  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 205
  • Joined: 02-March 11

Re: Member login area

Posted 03 December 2017 - 03:06 PM

Thanks again for the response and sorry if my question wasn't very clear. I guess what i'm trying to say is that i have created a member's area page that the user gets redirect to upon successfully login but every user will get login to this same page by default after signing up but the objective is for each user once sign up to create their own music playlist, write a review and view other users reviews, please see my login script. I'm very new to PHP and don't program in this language.

<?php
//session_start();
INCLUDE_ONCE('connect.php');
?>
<!DOCTYPE html>

<html>
<head>

<title>Tip Top Music</title>
<link rel="stylesheet" type="text/css" href="css/layout.css"/>
<link rel="stylesheet" type="text/css" href="css/menu.css"/>
</head>

<body>

<div id = "main">
<div id ="header">
<h1> Tip Top Music </h1>
</div>

<div id ="nav_Bar">
		<nav>
			<ul>		
				<li><a href="index.html">Home</a></li>
				<li><a href="about.html">About Us</a></li>
				<li><a href="#">Members Login</a></li>
				<li><a href="registration.php">Sign Up</a></li>
				<li><a href="contact.php">Contact Us</a></li>
				<li><a href="authenticate.php">Admin Login</a></li>
		
			</ul>
		</nav>
			

</div>
<div id ="content-heading">
<h1>Login Page</h1>

</div>
<?php

if(!empty($_SESSION['LoggIN'])&& !empty($_SESSION['Username']))
{
?>

<?php
}

elseif(!empty($_POST['username']) && !empty($_POST['password']))
{

	$username = mysqli_real_escape_string($connection,trim($_POST['username']));
	$password = sha1(mysqli_real_escape_string($connection,trim($_POST['password'])));
	//$password = hash('ripemd128',"$salt1$password$salt2");
	//setting up the select query
	$verifyingLogin = mysqli_query($connection,"SELECT * FROM members WHERE Username = '".$username."' AND Pass_word =
	'".$password."'");
	if(mysqli_num_rows($verifyingLogin) == 1)
	{	$row = mysqli_fetch_array($verifyingLogin);
		$email = $row['email'];
		
		//$_SESSION['MembersID'] = $MembersID;
		$_SESSION['Username'] = $username;
		$_SESSION['email'] = $email;
		$_SESSION['LoggIN'] = 1;
		
		echo "<h1>You are successful!</h1>";
		echo "<p>You are being rediected to your members area.</p>";
		echo "<meta http-equiv='refresh' content='=2;member.php' />";
	}
	else
	{
		echo "<h1>We have encountered an error</h1>";
		echo "<p>Sorry! We could not find your account. Please <a href=\"login.php\">Click here to try again</a>.</p>";
		}
	}
	else
	{
		?>
		
		<p>Welcome You can either logging below, or <a href="registration.php">Please click here to register</a>.</p>
		<form method="POST" action="login.php" name="loginform" id="loginform" autocomplete='on'>
		<table style="padding:50px">
			<tr>
				<td>Username:</td>
				<td> <input type="text" name="username" id="username" required='required'> </td>
			</tr>
			<tr>
			<td>Password:</td>
			<td><input type="password" name="password" id="password" required='required'></td> <br />
			</tr>
			<tr>
			<td><input type="submit" name="login" id="login" value="Login" /></td>
			</tr>
		</table>
		</form>
		<?php
		}
		
		?>
<br />
<div id ="footer">
<p>&copy; 2016<p>
<a class="links" a href="w16035629.html">Click here to read the assignment report |<a class="links" a href="features.php"> Click here for the features list</a>
</div>

</div>


</body>

</html>



Was This Post Helpful? 0
  • +
  • -

#6 modi123_1  Icon User is online

  • Suitor #2
  • member icon



Reputation: 13662
  • View blog
  • Posts: 54,535
  • Joined: 12-June 08

Re: Member login area

Posted 03 December 2017 - 03:10 PM

That's part of the whole design process. You'll want to approach this like a CMS (drupal, wordpress, etc).. Where you store a USER ID in the session variable on successful log in, and then use that to pull back data from the database to display. Be it some music list, ability to add reviews, etc. This means your database will need to use the user id as one of the key columns.
Was This Post Helpful? 0
  • +
  • -

#7 dag72  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 205
  • Joined: 02-March 11

Re: Member login area

Posted 03 December 2017 - 03:25 PM

Ok thank you, have you any code snipp example how i can approach this?
Was This Post Helpful? 0
  • +
  • -

#8 modi123_1  Icon User is online

  • Suitor #2
  • member icon



Reputation: 13662
  • View blog
  • Posts: 54,535
  • Joined: 12-June 08

Re: Member login area

Posted 03 December 2017 - 03:36 PM

Ahm.. no. This isn't really a 'snippet' thing.
Was This Post Helpful? 0
  • +
  • -

#9 ArtificialSoldier  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 1881
  • View blog
  • Posts: 5,839
  • Joined: 15-January 14

Re: Member login area

Posted 04 December 2017 - 09:38 AM

This is the core of your application design. If you want people to create video playlists or whatever, then you need to design the database to store the data that you want everyone to manage, and then you write your PHP code so that people can create, edit, delete etc their information in the database. This is just the general idea of designing your software to work the way you want it to work, this is what everyone does when building an interactive site like that.
Was This Post Helpful? 0
  • +
  • -

#10 dag72  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 205
  • Joined: 02-March 11

Re: Member login area

Posted 04 December 2017 - 12:54 PM

Thanks i have designed the database, this is no problem as this is my daily job just having some issues interacting php with sql.

Hi guys, I know this is relatng to another topic but can anyone suggest why login not working in IE and Crome but fine in firefox. For IE and Crome i get: 'you are successful' , 'you are being redirected to your members area', which is what i expected but its not redirecting to the members area but it does in firefox.

Thanks
Was This Post Helpful? 0
  • +
  • -

#11 andrewsw  Icon User is offline

  • blow up my boots
  • member icon

Reputation: 6445
  • View blog
  • Posts: 26,066
  • Joined: 12-December 12

Re: Member login area

Posted 04 December 2017 - 01:19 PM

How would we know based on such a vague description?

You are in the best position because you can debug your code and trace through it.

If you want help then provide relevant details and code.
Was This Post Helpful? 0
  • +
  • -

#12 dag72  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 205
  • Joined: 02-March 11

Re: Member login area

Posted 04 December 2017 - 02:09 PM

Am sorry guys, yes, i'm using the follow meta to redirect user to other pages, namely the member page but as i have understand this has since deprecated in php and doesn't work in all browser. See full code below. Do you know any alternative way to redirect? Thanks

echo "<meta http-equiv='refresh' content='=2;member.php' />";




<?php
//session_start();
INCLUDE_ONCE('connect.php');
?>
<!DOCTYPE html>

<html>
<head>

<title>Tip Top Music</title>
<link rel="stylesheet" type="text/css" href="css/layout.css"/>
<link rel="stylesheet" type="text/css" href="css/menu.css"/>
</head>

<body>

<div id = "main">
<div id ="header">
<h1> Tip Top Music </h1>
</div>

<div id ="nav_Bar">
		<nav>
			<ul>		
				<li><a href="index.html">Home</a></li>
				<li><a href="about.html">About Us</a></li>
				<li><a href="#">Members Login</a></li>
				<li><a href="registration.php">Sign Up</a></li>
				<li><a href="contact.php">Contact Us</a></li>
				<li><a href="authenticate.php">Admin Login</a></li>
		
			</ul>
		</nav>
			

</div>
<div id ="content-heading">
<h1>Login Page</h1>

</div>
<?php

if(!empty($_SESSION['LoggIN'])&& !empty($_SESSION['Username']))
{
?>

<?php
}

elseif(!empty($_POST['username']) && !empty($_POST['password']))
{

	$username = mysqli_real_escape_string($connection,trim($_POST['username']));
	$password = sha1(mysqli_real_escape_string($connection,trim($_POST['password'])));
	//$password = hash('ripemd128',"$salt1$password$salt2");
	//setting up the select query
	$verifyingLogin = mysqli_query($connection,"SELECT * FROM members WHERE Username = '".$username."' AND Pass_word =
	'".$password."'");
	if(mysqli_num_rows($verifyingLogin) == 1)
	{	$row = mysqli_fetch_array($verifyingLogin);
		$email = $row['email'];
		
		//$_SESSION['MembersID'] = $MembersID;
		$_SESSION['Username'] = $username;
		$_SESSION['email'] = $email;
		$_SESSION['LoggIN'] = 1;
		
		echo "<h1>You are successful!</h1>";
		echo "<p>You are being rediected to your members area.</p>";
		echo "<meta http-equiv='refresh' content='=2;member.php' />";
	}
	else
	{
		echo "<h1>We have encountered an error</h1>";
		echo "<p>Sorry! We could not find your account. Please <a href=\"login.php\">Click here to try again</a>.</p>";
		}
	}
	else
	{
		?>
		
		<p>Welcome You can either logging below, or <a href="registration.php">Please click here to register</a>.</p>
		<form method="POST" action="login.php" name="loginform" id="loginform" autocomplete='on'>
		<table style="padding:50px">
			<tr>
				<td>Username:</td>
				<td> <input type="text" name="username" id="username" required='required'> </td>
			</tr>
			<tr>
			<td>Password:</td>
			<td><input type="password" name="password" id="password" required='required'></td> <br />
			</tr>
			<tr>
			<td><input type="submit" name="login" id="login" value="Login" /></td>
			</tr>
		</table>
		</form>
		<?php
		}
		
		?>
<br />
<div id ="footer">
<p>&copy; 2016<p>
<a class="links" a href="w16035629.html">Click here to read the assignment report |<a class="links" a href="features.php"> Click here for the features list</a>
</div>

</div>


</body>

</html>


Was This Post Helpful? 0
  • +
  • -

#13 modi123_1  Icon User is online

  • Suitor #2
  • member icon



Reputation: 13662
  • View blog
  • Posts: 54,535
  • Joined: 12-June 08

Re: Member login area

Posted 04 December 2017 - 02:10 PM

There's always the PHP 'header' function.
Was This Post Helpful? 0
  • +
  • -

#14 dag72  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 205
  • Joined: 02-March 11

Re: Member login area

Posted 04 December 2017 - 02:38 PM

Thank you, yes, this works fine

header('location:member.php') 

This post has been edited by dag72: 04 December 2017 - 02:39 PM

Was This Post Helpful? 0
  • +
  • -

#15 benanamen  Icon User is online

  • D.I.C Head

Reputation: 19
  • View blog
  • Posts: 143
  • Joined: 28-March 15

Re: Member login area

Posted 04 December 2017 - 05:27 PM

You need to make sure to kill the script after the header redirect otherwise the code will keep running.

die(header('location:member.php')); 



There are several issues with the code you posted in #12.

All the Php processing should be at the top of the page and the HTML below it.

If you leave session_start commented you will have errors.

You are randomly using uppercase letters. Use all lowercase.

You exit and re-enter Php when all it is, is Php. You check for an !empty session and do nothing with it.

You are using SHA for passwords. You need to use password_hash and password_verify.

Do not SELECT *. Specify the column names you want.

You are creating variables for nothing.

You dont kill the script after the redirect.

If you used single quotes on the try again link you wouldn't have to mess with escaping.

It is a security risk to turn on autocomplete on a login form.

You dont check for a POST request before running Php code.

You are missing a closing paragraph tag for the copyright date.

Your link tags at the end are all jacked up.

You might want to think about using PDO.

Despite it being your "daily job", I would recommend you post your DB schema for us to review.

This post has been edited by benanamen: 04 December 2017 - 05:29 PM

Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2