11 replies to this topic

[jesseruu]

Hey everyone!

I am helping someone make a login system using MySQL databases and a PHP login form.

I have a fair bit of experiance in HTML and some javascript too. I have virtually no experiance in MySQL or PHP.


Anybody know of any good PHP login systems that allow you to creat a personalised page for each user and when they login the system transfers the user to their page. Another thing that the system MUST have is a way of stopping unwanted users entering someones page.

For example lets say I register and my UN is jesse123 and my personalised pages address is:
 www.mydomain.com/members/jesse123.php
Then I decide I want to view someone elses page....
www.mydomain.com/members/admin.php

I know you can make the users page names more complicated but if someone uses a search engine they could easily find out someone elses page address.



Does anyone know of a way to create a login form like this or know somewhere where you can download one?



kind regards,

Jesse R.

[shadowx]

Damn, if you have no PHP experience you will find this very tough,

There are two ways of doing this... One is to have the PHP page as you said and within that page have a login form and some IF statements.

The second option is to make use of sessions. If you do not use sessions everytime a user goes away from their page and comes back again they will have to login all over again. So you can have a central login page, which starts the sessions, then they are taken to a dynamic "user.php" page which connects to a database and takes out info that is filled in on their custom page.

I cant code you the page myself, im busy at the moment but i think you've jumped in at the deep end here!

[jesseruu]

shadowx, on Sep 3 2008, 08:43 PM, said:

Damn, if you have no PHP experience you will find this very tough,

There are two ways of doing this... One is to have the PHP page as you said and within that page have a login form and some IF statements.

The second option is to make use of sessions. If you do not use sessions everytime a user goes away from their page and comes back again they will have to login all over again. So you can have a central login page, which starts the sessions, then they are taken to a dynamic "user.php" page which connects to a database and takes out info that is filled in on their custom page.

I cant code you the page myself, im busy at the moment but i think you've jumped in at the deep end here!

Thanks for that mate!

I'll look into how to code sessions....


Jesse

[rpgsearcherz]

Heh, you're kind of in the same ballpark as me.

I know absolutely nothing about PHP but I am wanting to learn for a project I am working on as well(Login for an entire site, where some is visible when logged in, some is visible if you are signed up, and everything is visible if you are an actual verified member)

So far I haven't actually started yet, though, as I am currently working on other things.

[jesseruu]

rpgsearcherz, on Sep 4 2008, 03:54 PM, said:

Heh, you're kind of in the same ballpark as me.

I know absolutely nothing about PHP but I am wanting to learn for a project I am working on as well(Login for an entire site, where some is visible when logged in, some is visible if you are signed up, and everything is visible if you are an actual verified member)

So far I haven't actually started yet, though, as I am currently working on other things.

Yeah,

I'm reading throug on online tutorial... found here http://www.php-mysql-tutorial.com/

You can download redily made systems like this http://evolt.org/PHP...-Admin-Features that gives you admin features and more. The only problem with ready made systems is that anyone can view the source code of your login system if they find out where its from.

Jesse

[travstatesmen]

rpgsearcherz, on Sep 4 2008, 05:54 PM, said:

I know absolutely nothing about PHP but I am wanting to learn for a project I am working on as well(Login for an entire site, where some is visible when logged in, some is visible if you are signed up, and everything is visible if you are an actual verified member)

That sounds very much like the login system that I am using with Lanius CMS. Have you considered using a Content Management System, rather than starting to build your site from scratch? The CMS that I use, (and I'm sure that other CMS packages have similar functionality) allows for page permissions to be set for groups of users. By default there are the following groups in Lanius CMS...

• Public
  
• Registered
  
• Editor
  
• Publisher
  
• Manager
  
• Administrator
  
• Nobody

I can assign permissions, for instance, for registered users to be able to view certain areas of the site, or for Publishers to add content to the site, etc. The back-end uses a mySQL database, and it is all created in PHP. And what's more, I didn't need to write a single line of code to make it happen (which is a good thing, as I'm a hopeless programmer!) A good Content Management System should be as invisible as possible, so your users should not even know that you are using a Content Management System. I have a long way to go yet in customizing my site, and I might even decide against using Lanius as my CMS of choice. But either way, a CMS, any CMS, is easier than trying to write the code yourself. As they say, why reinvent the wheel?

Edited by travstatesmen, 04 September 2008 - 08:48 AM.

[shadowx]

using a CMS is a good idea.

I can give you a few tips if you want to learn php though. Firstly think logically, think in sequence. So if you need someone to login to see a page think of it like this

User sees login page> (assuming they are registered) User types info and hits submit > PHP code checks to make sure its not trying to inject code and hack > (assuming its clean) PHP asks the database for the password of the user called "USERNAME" > If it cant find that password the user doesnt exist (give error message) If it does find a password check it against the one entered > If it is wrong take them back to the login page. If its right Start a session > Session is loaded with the user's name and the password they entered (preferably in an MD5 hash) > Redirect them to the first protected page.

on the protected page you need to: Load up the sessions again (using an include probably) > check the data in the session variables against the data in the database > If the data doesnt match they get logged out by destroying the session. if it matches they stayed logged in > Use an IF statement to check if they are logged in > If the IF returns a FALSE result they arent logged in so take them back to the login page, if it returns TRUE, they are logged in, then show them the protect page contents

It looks fairly complicated, but once you know the basics, eg session variables, POST variables, IF statements, INCLUDE()s, Database functions and how to MD5 (real easy: md5("some text"); then you can easily do this.

dont give up! PHP is a great language to know!

[jlhaslip]

Here is a link to a Login script in the tutorial section.
http://www.trap17.com/forums/index.php?sho...78&hl=login

Have a look, or use the Search feature, for lots of good information in the Tutorial section here at the Trap17.

[Nabb]

If you want each user to have an individual page, it would probably work to create the page when they register. You could create the page separately and then paste it into the registration script as a heredoc (extremely useful these are, you should look into them if you don't know about them!), and have the script open username.php and just write to it.

If there's a better way, feel free to say.

[shadowx]

Personally i would have it dynamically created from a database. Store details in the DB like the URL to images, the title to use, background colour etc... and load that into a template, the same way they make profile pages eg profile.php?user=shadowx Its just a template loaded with info from a database.

But it depends on what you want the page to be like. This method also means you dont have hundreds of files laying around