#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    5
    Rep Power
    0

    Help with Login scripts


    Hey everyone, I am completley new with PHP and not really sure what I am doing. I wanted to make a login with ASP but can't really figure out how to make that happen. I looked all over the place for help with this and every solution I have tried there would be an error. My main question is, I am using IIS 7 and I installed MySQL and it comes up asking what the password for SA is and I never had to create one, so I can't install Phpbb or whatever it is called. I run this script for logging in and nothing works. I run it and it just comes up as the code. I need some real help! My other question is, is there anything more I could do with this login to make it better? My overall goal is to have a login page, a register page, a user CP, logout page, etc. Below is the code and any help would be appreciated.


    Login.php
    Code:
    <?PHP
    
    $uname = "";
    $pword = "";
    $errorMessage = "";
    
    function quote_smart($value, $handle) {
    
    if (get_magic_quotes_gpc()){
        $value = stripslashes($value);
    }
    
    if (!is_numeric($value)) {
        $value = "'" . mysql_real_espace_string($value,   $handle) . "'";
    }
    return $value;
    }
    if ($_SERVER[$_SERVER['REQUEST_METHOD'] =='POST'){
           $uname = $_POST['username'];
           $pword = $_POST['password'];
    
           $uname = htmlspecialchars($uname);
           $pword = htmlspecialchars($pword);
    
    
    //Connect to Local Database
    
    $user_name = "root"
    $pass_word = "";
    $datebase = "login";
    $server = "127.0.0.1;
    
    $db_handle = mysql_connect($server, $user_name, $pass_word);
    $db_found = mysql_select_db($database, $db_handle);
    
    if ($db_found) {
     
           $uname = quote_smart($uname, $db_handle);
           $pword = quote_smart($pword, $db_handle);
    
    
            $SQL = "SELECT * FROM login WHERE L1 = $uname AND L2 = md5 ($pword)";
    
            $result = mysql_query($SQL);
            $num_rows = mysql_num_rows($result);
    
    if ($result) {
              if ($num_rows > 0) {
                      session_start();
                      $_SESSION['login'] = "1";
                      header ("Location: page1.php");
    }
    else {
                     session_start();
                     $_SESSION['login'] = "";
                     header ("Location: signup.php");
            }
    }
    else {
                  $errorMessage = "Error logging on";
    }
    
    mysql_close($db_handle);
    }
    else {
                  $errorMessage = "Error logging on"; 
            }
    }
    
    ?>
    
    <html>
    <head>
    <title>Login Script</title>
    </head>
    <body>
    
    <form name="form1" method="post" action="login.php">
    
    Username: <input type="text" name="username" value="<?PHP print $uname;?>" maxlength="20">
    Password: <input type="text" name="password" value="<?PHP print $pword;?>" maxlength="20">
    
    <p align= center> // This always gives me an error saying align can't be there.
    <input type="submit" name="submit1" value="login">
    </p>
    </form>
    <p><?PHP print $errorMessage;?>
    </body>
    </html>
    signup.php
    Code:
    <?PHP
    //session_start();
    //if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
    //header ("Location:Login.php");
    //}
    
    $uname= "";
    $pword= "";
    $errorMessage = "";
    num_rows = 0;
    
    function quote_smart($value, $handle) {
        if (get_magic_quotes_gpc()) {
             $value = stripslashes($value);
        }
    
        if (!is_numeric($value)) {
             $value = "'" . mysql_real_escape_string($value, $handle) . "'";
         }
         return $value;
          }
    
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    
    $uname = $_POST['username'];
    $pword = $_POST['password'];
    
    $uname = htmlspecialchars($uname);
    $pword = htmlspecialchars($pword);
    
    $uLength = strlen($uname);
    $pLength = strlen($pword);
    
    if ($uLength >= 10 && $uLength <= 20) {
           $errorMesage = "";
    }
    else {
                $errorMessage = $errorMessage . "Username must be between 10 and 20 characters" . "<bR>";
    }
    if ($pLength >= 8 && $pLength <= 20 {
                 $errorMessage = "";
    }
    else {
               $errorMessage = $errorMessage . "Password must be between 8 and 20 characters long" . "<BR>";
    }
    
    if ($errorMessage == "") {
    
    $user_name = "root";
    $pass_word = "";
    $database = "login";
    $server = "127.0.0.1";
    
    $db_handle = mysql_connector($server, $user_name, $pass_word);
    $db_found = mysql_select_db($database, $db_handle);
    
    if ($db_found) {
                 $uname = quote_smart($unate, $db_handle);
                 $pword = quote_smart($pword, $db_handle);
    
    $SQL = "SELECT * FROM login where L1 = $uname"; 
    $result = mysql_query($SQL);
    $num_rows = mysql_num_rows($result);
    
    if ($num_rows > 0) {
                  $errorMessage = "Username already taken";
    }
    else {
               $SQL = "INSERT INTO login (L1, L2) VALUES ($uname, md5 ($pword))";
    
    $result = mysql_query($SQL);
    mysql_close($db_handle);
    
    session_start();
    $_SESSION['login'] = "1";
    
    header ("location: page1.php");
    }
    }
    else {
    $errorMessage = "Database Not Found";
    }
    }
    }
    ?>
    
    <html>
    <head>
    <title>Basic Login Script</title>
    
    </head>
    <body>
    
    <FORM NAME = "form1" Method="POST" Action="signup.php">
    
    Username: <INPUT TYPE= "TEXT" Name='username' value="<?PHP print $uname;?>" maxlength="20">
    Password: <INPUT TYPE = "TEXT" Name="Password" value="<? PHP print $pword;?>" maxlength="16">
    
    <p>
    <INPUT TYPE = "SUBMIT" NAME= 'Submit1' Value="register">
    </FORM>
    <p>
    <?PHP print $errorMessage;?>
    </body>
    </html>
    Page1.php
    Code:
    <?PHP
    session_start();
    if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
                   header ("Location: login3.php");
    }
    
    ?>
    
    <html>
    <head>
    <title>Basic Login</title>
    </head>
    <body>
    
    User Logged in
    <p>
    <a href=page2.php>log out</a>
    </body>
    </html>
    Page2.php

    Code:
    <?PHP
           session_start();
           session_destroy();
    ?>
    
    <html>
    <head>
    <title>LoginLoutoutScript</title>
    
    </head>
    <body>
    User Logged Out
    </body>
    </html>
    In the database I have the actual database called users and the table called users. The table has two columns, one being 'uname' and the other being 'pword'. Remember I will have more than just these two columns, this is just making sure everything is working before hand.

    Any help will be appreciated. If you need any information let me know!
  2. #2
  3. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,316
    Rep Power
    7171
    Did you install PHP on the server?

    What does the address in your browser look like when you're visiting the page?
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    5
    Rep Power
    0

    Login Script


    Thank you for answering back. I actually am going to try the sticky you had for the secure login and see if that works.

    Like I said I am using IIS 7 and I am using MySQL, but whenever I try to install certain things like phpBB it asks for a username for /.MySQL SA and I never set a password for that so I don't know how to fix it. I found at one point before a command prompt command I could execute to fix this problem, because I have had this problem before, but I can't find it anymore.

    You asked if I installed PHP, and this is the list of everything that has PHP in its name on the IIS server using the Web Platform Installer 4.5:

    • PHP 5.4.9 for IIS Express
    • Windows Cache Extension 1.3 for PHP 5.4
    • Windows Cache Extension 1.3 for PHP 5.3 in IISExpress
    • PHP 5.3.19 For IIS Express
    • Microsoft Drivers 3.0 for PHP v5.3 for SQL Server in IIS Express
    • Microsoft Drivers 3.0 for PHP v5.4 for SQL Server in IIS Express
    • PHP Manager for IIS
    • IISNode for IIS(IIS exists)


    And like I said I tried install phpBB but i can't bypass the password for SA. But I would think PHP is installed seeing how the PHP 5.4.9 for IIS Express is installe as well as PHP 5.3.19 for IIS Express.

    Any help with this would be really appreciated. Thank you again
  6. #4
  7. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,316
    Rep Power
    7171
    I don't know anything about IIS and I don't know what SA stands for.

    If you're just trying to learn PHP, download XAMPP and use Apache instead of IIS.

    If you are seeing PHP code in the browser when you visit the page, it either means your web server is not configured to serve PHP files, or it means you are accessing the file directly in your browser rather than visiting it through the web server.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Posts
    721
    Rep Power
    7
    As E-Oreo mentioned, I would go with Apache. Windows servers have quite a bit to them, so unless your rather knowledged in the server world, stick with the simple/popular items for the best help.

    There are all-in-one items like the XAMPP, WAMP, and a couple others. If you're truely looking to learn, I maybe recommend also setting the servers up on your own, and not an all-in-one. This would help understand permissions and such in reference to directories and address redirects. The main the items you would need are Apache, PHP, and MySQL.

IMN logo majestic logo threadwatch logo seochat tools logo