MySQL Database Login/Registration

Webmonkey

Here HandWS LTD suggested to use data.

Then you reply. In this it says 1 record added meaning the insert worked.

I'm incredibly confused. I'm trying my best to understand things here but I'm failing.

gahim

Hi there,
I know I am so confused myself

I added a user by logging into PHP my admin and doing it manually...

The username web and password web has been created...

I try to login using http://beta.gahim.com/start/login.php but failed...

I try signup for a new account with http://beta.gahim.com/start/index.php but again failed :mad:

HandWS LTD

The code is a bit messy.

I did a quick one from one of the tutorials i recommended to you via a different thread. Add a new DB and new pages and try this:

CREATE TABLE users (ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY, username VARCHAR(60), password VARCHAR(60)........);

/start/index.php Page (try a new page similar to this):

<?php
// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());

//This code runs if the form has been submitted
if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank
if (!$_POST['name'] | !$_POST['email'] | !$_POST['pass'] | !$_POST['pass2'] | !$_POST['username'] | !$_POST['title'] ) {
die('You did not complete all of the required fields');
}

// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'")
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in use.');
}

// this makes sure both passwords entered match
if ($_POST['pass'] != $_POST['pass2']) {
die('Your passwords did not match. ');
}

// here we encrypt the password and add slashes if needed
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['name'] = addslashes($_POST['name']);
$_POST['email'] = addslashes($_POST['email']);
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
$_POST['title'] = addslashes($_POST['title']);
}

// now we insert it into the database
$insert = "INSERT INTO users (username, password, email, title, name)
VALUES ('".$_POST['username']."', '".$_POST['pass']."', '".$_POST['email']."', '".$_POST['title']."', '".$_POST['name']."')";
$add_member = mysql_query($insert);
?>


<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>

<?php
}
else
{
?>


<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>Full Name:</td><td>
<input type="text" name="name" maxlength="60">
</td></tr>
<tr><td>Email Address:</td><td>
<input type="text" name="email" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><td>Site Address:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Title/Name:</td><td>
<input type="text" name="title" maxlength="60">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table>
</form>

<?php
}
?>

Login Page:

<?php
// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: builder.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);

//then redirect them to the builder area
header("Location: builder.php");
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?>

builder Page:

<?php
// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());

//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{

//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{ header("Location: login.php");
}

//otherwise they are shown the builder area
else
{
echo "Website Builder Area<p>";
echo "Your Content<p>";
echo "<a href=logout.php>Logout</a>";
}
}
}
else

//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php");
}
?>

Logout Page:

<?php
$past = time() - 100;
//this makes the time in the past to destroy the cookie
setcookie(ID_my_site, gone, $past);
setcookie(Key_my_site, gone, $past);
header("Location: login.php");
?>

gahim

SQL query:
CREATE TABLE id(ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
username VARCHAR( 60 ) ,
PASSWORD VARCHAR( 60 ) . . . . . . . .
)
MySQL said: [IMG]http://****/3rdparty/phpMyAdmin/themes/original/img/b_help.png[/IMG]
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '........)' at line 1

gahim

The table users has already been created so I decided to change it to the name ID, this is what came back

SQL query:
CREATE TABLE id(ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
username VARCHAR( 60 ) ,
PASSWORD VARCHAR( 60 ) . . . . . . . .
)
MySQL said: [IMG]http://****/3rdparty/phpMyAdmin/themes/original/img/b_help.png[/IMG]
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '........)' at line 1

HandWS LTD

gahim wrote: »

SQL query:
CREATE TABLE id(ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
username VARCHAR( 60 ) ,
PASSWORD VARCHAR( 60 ) . . . . . . . .
)
MySQL said: [IMG]http://****/3rdparty/phpMyAdmin/themes/original/img/b_help.png[/IMG]
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '........)' at line 1

I said add a new Database. New name, new username and password. Leave the old one alone. As you can see.......you are just cutting and pasting my code

The code will never work....i used the

.  .  .  .  .  .  . .

so you can fill in the rest of the fields into your new database and new table called 'users' inside that new database.

The other fields need to add are: email, name, and title

I hope you understand this.

Webmonkey

As soon as you see any code at all you go trying to execute it without reading it!

gahim

Just thinking, would my username be like gahimcom@localhost or gahimcom or is it limited to a certain amount of characters?

Thanks

HandWS LTD

gahim wrote: »

Just thinking, would my username be like gahimcom@localhost or gahimcom or is it limited to a certain amount of characters?

Thanks

Go to cPanel, -> Databases -> MySQL Databases

In there you can add a new username and password. Leave the old ones alone for now. Some hosting accounts are limited to one database. Hopefully your not.

gahim

Hi Thanks,
It says gahimcom_gahim so I should enter as my username gahim? or gahimcom_gahim, I have created a new database called members1...

I have set my databases to 90000000000 in the WHM

HandWS LTD

username = gahimcom_gahim

gahim

HandWS LTD wrote: »

I said add a new Database. New name, new username and password. Leave the old one alone. As you can see.......you are just cutting and pasting my code

The code will never work....i used the

.  .  .  .  .  .  . .

so you can fill in the rest of the fields into your new database and new table called 'users' inside that new database.

The other fields need to add are: email, name, and title

I hope you understand this.

CREATE TABLE id(ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
username VARCHAR( 60 ) ,
password VARCHAR( 60 )
email VARCHAR( 60 )
title VARCHAR( 60 )
name VARCHAR( 60 )
)

gahim

gahim wrote: »

CREATE TABLE id(ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
username VARCHAR( 60 ) ,
password VARCHAR( 60 )
email VARCHAR( 60 )
title VARCHAR( 60 )
name VARCHAR( 60 )
)

Error message

SQL query:
CREATE TABLE id(ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
username VARCHAR( 60 ) ,
PASSWORD VARCHAR( 60 ) email VARCHAR( 60 ) title VARCHAR( 60 ) name VARCHAR( 60 )
)
MySQL said: [IMG]http://****************/3rdparty/phpMyAdmin/themes/original/img/b_help.png[/IMG]
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'email VARCHAR( 60 )
title VARCHAR( 60 )
name VARCHAR( 60 )
)' at line 4

gahim

HandWS LTD wrote: »

The code is a bit messy.

I did a quick one from one of the tutorials i recommended to you via a different thread. Add a new DB and new pages and try this:

CREATE TABLE users (ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY, username VARCHAR(60), password VARCHAR(60)........);

/start/index.php Page (try a new page similar to this):

<?php
// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());

//This code runs if the form has been submitted
if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank
if (!$_POST['name'] | !$_POST['email'] | !$_POST['pass'] | !$_POST['pass2'] | !$_POST['username'] | !$_POST['title'] ) {
die('You did not complete all of the required fields');
}

// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'")
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in use.');
}

// this makes sure both passwords entered match
if ($_POST['pass'] != $_POST['pass2']) {
die('Your passwords did not match. ');
}

// here we encrypt the password and add slashes if needed
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['name'] = addslashes($_POST['name']);
$_POST['email'] = addslashes($_POST['email']);
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
$_POST['title'] = addslashes($_POST['title']);
}

// now we insert it into the database
$insert = "INSERT INTO users (username, password, email, title, name)
VALUES ('".$_POST['username']."', '".$_POST['pass']."', '".$_POST['email']."', '".$_POST['title']."', '".$_POST['name']."')";
$add_member = mysql_query($insert);
?>


<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>

<?php
}
else
{
?>


<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>Full Name:</td><td>
<input type="text" name="name" maxlength="60">
</td></tr>
<tr><td>Email Address:</td><td>
<input type="text" name="email" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><td>Site Address:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Title/Name:</td><td>
<input type="text" name="title" maxlength="60">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table>
</form>

<?php
}
?>

Login Page:

<?php
// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: builder.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);

//then redirect them to the builder area
header("Location: builder.php");
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?>

builder Page:

<?php
// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());

//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{

//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{ header("Location: login.php");
}

//otherwise they are shown the builder area
else
{
echo "Website Builder Area<p>";
echo "Your Content<p>";
echo "<a href=logout.php>Logout</a>";
}
}
}
else

//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php");
}
?>

Logout Page:

<?php
$past = time() - 100;
//this makes the time in the past to destroy the cookie
setcookie(ID_my_site, gone, $past);
setcookie(Key_my_site, gone, $past);
header("Location: login.php");
?>

Doesn't work

gahim

gahim wrote: »

Doesn't work

Can anyone help?

gahim

Hi Everyone,
As you may know I am experienced in PHP (not SQL, quite new), I coded the signup form and it's now working, the login form I am working on...

Thanks for everyones help!

ronkmonster

gahim wrote: »

Error message

SQL query:
CREATE TABLE id(ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
username VARCHAR( 60 ) ,
PASSWORD VARCHAR( 60 ), email VARCHAR( 60 ), title VARCHAR( 60 ), name VARCHAR( 60 )
)
MySQL said: [IMG]http://****************/3rdparty/phpMyAdmin/themes/original/img/b_help.png[/IMG]
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'email VARCHAR( 60 )
title VARCHAR( 60 )
name VARCHAR( 60 )
)' at line 4

you need comma after each field definition
i've put commas in bold in the quote to show you (not very noticeable)

gahim

Thanks for everyones help,

I have figured it out

Thanks

Evil Phil

Wow. Glad you got there Gahim.

HandWS LTD

yep, comma was required. Hopefully everything works smoothly now.

Webmonkey

Wow it's a miracle Well done gahim. Best of luck with the young scientist stuff