Jump to content
Welcome, Guest
Existing user? Sign In

Sign In



Sign Up
The MatriX
  • Welcome To Ghbsys
  • CS GO Streaming Version is released. Have fun streaming while cheating!
  • Have a Payment Issue? Send us a Support ticket.
  • Make a thread if you need support or join our discord for live support.
  • Have Suggestions? Make a thread and you'll earn Ghbsys Points for implemented suggestions.
  • Join our discord to stay well connected! Don't forget to integrate your discord to the site
  • Welcome to [GHB] - GAmEhAcKbAsTaRdS Forum

    Welcome to [GHB] - GAmEhAcKbAsTaRdS Forum, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information for you to signup. Be apart of [GHB] - GAmEhAcKbAsTaRdS Forum by signing in or creating an account.
    • Start new topics and reply to others
    • Subscribe to topics and forums to get email updates
    • Get your own profile page and make new friends
    • Send personal messages to other members.

    Another PHP tutorial (logging in)


    House
     Share

    Recommended Posts

    Hi folks^^

     

    My tutorial about logging in.

     

    First a little bit in the front.

     

    For logging in, you can use Cookies or Session.

    I will show you Session today.

    These variables are available on EVERY page where on top of the HTML document stands:

     

    <?php
    session_start();
    ?>
    <html>
    </html>

     

    After a person validated himself through a security-check, which will be explained later,

    you can put username and for example, the admin status in the session.

    The $_SESSION variable is a big array where everything can be put in.

    For example:

    $_SESSION['username'] = $_POST['username'];

    :-)

     

    So, now to the coding:

     

    Create a file, called: login.php

     

    Put this in the file:

     

    <?php
    session_start();
    ?>
    <html>
    <head>
    <title>Log in menu</title>
    </head>
    <body>
    
    <form method="POST" action="login.php">
    Username:
    <input type="text" name="username" /><br>
    Password:
    <input type="password" name="password" /><br>
    <input type="submit" name="submit" value="log in!" />
    </form>
    
    <?php
    //Here you declare the variables by putting an "=" between things:
    $username = $_POST['username'];
    $password = $_POST['password'];
    
    //Here the script lets connect itself to a mysql server.
    $connection = mysql_connect("my_server","my_usernameontheserver","my_passwordontheserver");
    
    //The script checks now, if the connection is established, if NOT (! before the variable,
    //Then he prints out the mysql_error with a declaration :-)
    if(!$connection)
    {
    echo "Failure!".mysql_error();
    }
    
    //Now he says, if it IS actually connected, do:
    else
    {
    //Select the database.
    mysql_select_db("my_databasename");
    //now we are connected! Do the dew!
    
    //Create the mysql query so it can be used.
    $query = "SELECT * FROM `my_userdata_table` WHERE `username` = '$password' AND `password`= '$password'";
    //Query the server.
    $information = mysql_query($query);
    
    //Again, errorcheck. Check if server is queried. You can echo out things by separating them with "." without the 
    //Quotation marks. For example: "hello ".$_POST['username']." is gay"; understand? :-)
    if(!$information)
    {
    echo "FAIL".mysql_error();
    }
    else
    {
    //Now you are logged in! The username and password match the information from the database :-)
    //Now, we turn the $_SESSION variables on!
    $_SESSION['username'] = $username;
    $_SESSION['password'] = $password;
    $_SESSION['loggedin'] = 1
    
    //You can put even more in there! For example, adminstatus. I show you how to retrieve the adminstate. (retrieve=get or check if true)
    //Don't forget! You NEED to have a field in PHPmyadmin with info: status, otherwise you will get errors.
    //Remember this at the registering script! example: INSERT INTO `userdb` VALUES '$username', '$password', ''";
    //I put ' ' there, so he enters an empty value in the database.
    $adminstatusquery = "SELECT * FROM `my_userdata_table` WHERE `status` = '1'";
    $adminstatus = mysql_query($adminstatusquery);
    if(mysql_num_rows($adminstatus) > 1)
    {
    //Now the person is admin
    $_SESSION['status'] = 1;
    }
    else
    {
    //Now the person is not an admin :)
    $_SESSION['status'] = 0;
    }
    }
    
    }
    
    
    
    
    ?>
    
    </body>
    </html>

    Edited by Joachim Pfuetz
    Link to comment
    Share on other sites

    yeah thnx man works fine!

     

    Lol didn't even finish the tutorial code but if this helps too, than good xD

    Link to comment
    Share on other sites

    you see,

    many user dont look what you wrote xD

    they just spam.

     

    but i think you could declare every function because i am a really Biene Maja in php and when you give me just a source code i dont understand what im doing now :S

    Link to comment
    Share on other sites

    • 7 months later...

    if i were you i wouldn't create a Admin Session..

    1. Its Easy to hack.

    2. Once someone hacks, and u de-admin him, hes still an admin, because of the session.

     

    Also i would like md5 or SHA the password ><

     

    Now u can like get them out of the WHERE clause. And also Sql Inject in the POST clause.

    Edited by Sayuta
    Link to comment
    Share on other sites

    • 4 months later...
    Guest
    This topic is now closed to further replies.
     Share

    • Recently Browsing   0 members

      • No registered users viewing this page.
    ×
    ×
    • Create New...