Login Script using php

Dev Shed Forums Sponsor:

Stop making mediocre tutorials.The best tutorials are video! Camtasia Studio makes it easy to create engaging, buzz-building screen videos at any size, in any popular format. Download the free trial!

May 25th, 2004, 11:57 PM

Beckwith

Contributing User

Join Date: Dec 2003

Location: CA

Posts: 85

Time spent in forums: 1 h 45 m 42 sec
Reputation Power: 5

Login Script using php

I have developed a script for logging someone into my site and it's almost done, now all I need to do is allow the user to be "remembered", in other words, set cookies and retrieve them and set as a session. Here is the script, I'm simply looking for someone to just put in a few codes to it so it'll do just that:

PHP Code:


		
			
<?php 

include("header.php");

include("db.php"); 

if (isset($_GET['logout'])) {

echo('Logged out Successfully');

include("footer.php");

exit();

}

if (isset($_GET['changepass'])) {

$username = $_SESSION['username'];

echo('<form action="' . $_SERVER['PHP_SELF'] . '" method="get"><center><b>Change password for <b>' . $username . '</b>:<p><font color="red">Note: Do not hit enter or it will not work, please click the button</font><p>New Password:<br><input type="password" name="password" class="in1"><p><input type="submit" name="changedpass" value="Submit" class="in1"><input type="hidden" name="username" value="' . $username . '"></form></center>');

include("footer.php");

exit();

}

if (isset($_GET['changedpass'])) {

$username = $_GET['username'];

$password = md5($_GET['password']);

$sql = mysql_query("UPDATE users SET

        password = '$password'

        WHERE username = '$username'");

if ($sql) {

echo('Changed Successfully!<p>Please log in again with the new password');

} else {

echo('Error changing password');

}

unset($_SESSION['username']);

unset($_SESSION['level']);

unset($_SESSION['email']);

include("footer.php");

exit();

}

if ( !isset($_POST['login']) ) {

    echo('<font color="red">You need to use the login form to access this page</font>');

    } else { 

    $username = $_POST['username']; 

    $password = md5($_POST['password']); 

    $remember = $_POST['remember']; 

     

    $result = @mysql_query("SELECT id,username,password,level,email FROM users WHERE username='$username'"); 

}

if (!$result) {

    echo ('Username doesn\'t exist, try again'); 

    include("loginfield.php"); 

} else { 

        while( $row = mysql_fetch_array($result)){ 

            $user = $row['username']; 

            $pass = $row['password'];

            $level = $row['level']; 

            $email = $row['email'];

        } 

    }

if ($username == "" or $password == "") {

echo('<p><font color="red">You need to enter information in order to login!</font>');

}

if ($username == $user && $password == $pass && $username != "" && $password != "" && $user != "" && $pass != "") { 

    $_SESSION['username'] = $user; 

    $_SESSION['level'] = $level; 

    $_SESSION['email'] = $email;

    echo('Logged in successfully, please wait...'); 

$redirect = $_SERVER['HTTP_REFERER'];

$redirect = str_replace(array('?logout=1'),'',$redirect); 

echo('<META HTTP-EQUIV="refresh" content="1.5;URL='.$redirect.'">');

} else {

    echo('<p><font color="red">Login Failure, please try again</font>');

}

include("footer.php");

?>

May 26th, 2004, 05:34 PM

Beckwith

Contributing User

Join Date: Dec 2003

Location: CA

Posts: 85

Time spent in forums: 1 h 45 m 42 sec
Reputation Power: 5

Please reply...someone...I will offer an affiliate button on the site if someone does it

May 26th, 2004, 05:52 PM

RoundHost

Banned

Join Date: Mar 2004

Posts: 134

Time spent in forums: 57 sec
Reputation Power: 0

I personally would just start a session and use the id in the session, then just retreive the info relative to the id through mysql

Thread Tools	Search this Thread
Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread: