Zubrag.com
August 20, 2019, 01:47:26 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
 
   Home   Help Search Login Register  
Pages: [1]
  Print  
Author Topic: User Name and Password on my web page  (Read 6410 times)
jalexduran
Newbie
*
Posts: 6


« on: December 15, 2011, 09:19:50 PM »

I like to add the user name and password on the index1.html page but is not working
I upload all script files to http://compumiami.net/protect/
and the regular html page to login is on:

http://compumiami.net/index1.html

what's the line codes to make it work ?


Thank you
J Alex

Logged
Caffeine_Cadet
Newbie
*
Posts: 13


« Reply #1 on: April 03, 2012, 01:34:05 PM »

//first you'll need to create the mysql database

//make a file called dblogin
//your dblogin.php file should look like this:
<?php
define('MYSQL_HOST','localhost');
define('MYSQL_USER','root');
define('MYSQL_PASSWORD','');
define('MYSQL_DB','database');
?>
//change the parameters to match your mysql authentication parameters.

//the following will make your mysql database.
<?php
session_start();
//dblogin contains the mySQL login parameters.
require 'dblogin.php';
//variable to pass to functions for authentication with mysql
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or
    die ('Unable to connect. Check your connection parameters.');

require 'dblogin.php';

$query = 'CREATE DATABASE IF NOT EXISTS database';

mysql_query($query, $db) or die(mysql_error($db));

mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));


//creating the usergroups table
$query = 'CREATE TABLE IF NOT EXISTS permission_levels
   (
   permission_level      TINYINT      UNSIGNED   NOT NULL,
   access_name      VARCHAR(50)   NOT NULL,
   
   PRIMARY KEY (permission_level)
   )
   ENGINE = MyISAM';
   
mysql_query($query, $db) or die(mysql_error($db));


//defining the usergroups
$query = 'INSERT IGNORE INTO permission_levels
      (permission_level, access_name)
   VALUES
      (1, "Administrator"),
      (2, "User")';
      
mysql_query($query, $db) or die(mysql_error($db));


//create the user table
$query = 'CREATE TABLE IF NOT EXISTS clients
   (
   id                   INTEGER   UNSIGNED   NOT NULL   AUTO_INCREMENT      UNIQUE,
   email               VARCHAR(100)      NOT NULL   UNIQUE,
   username            VARCHAR(50)         NOT NULL   UNIQUE,
   password            CHAR(41)         NOT NULL,
   name               VARCHAR(100)      NOT NULL,
   permission_level      TINYINT UNSIGNED   NOT NULL   DEFAULT 2,
   date_joined            DATETIME         NOT NULL,
   last_login            DATETIME,
   
   PRIMARY KEY (id)
   )
   ENGINE = MyISAM';
   
mysql_query($query, $db) or die(mysql_error($db));


//populate it with an admin
$query = 'INSERT IGNORE INTO clients
      (id, name, email, username, password, permission_level, date_joined, last_login)
   VALUES
      (1, "admin", "email@email.email", "admin_name", PASSWORD("password"), 1, "' . date('Y-m-d H:i:s') . '", NULL)';

mysql_query($query, $db) or die(mysql_error($db));
?>

<html>
<head>
   <title>DATABASE CREATED</title>
</head>
<body>
<h1>Administrator Alert</h1>
<p>The database has been created and the following tables have been populated: </p>
<ul>
   <li>permission_levels</li>
   <li>clients</li>
</ul>
<p><a href="index.php">Go home?</a></p>
</body>
</html>
Logged
Caffeine_Cadet
Newbie
*
Posts: 13


« Reply #2 on: April 03, 2012, 01:35:12 PM »

//once your table is ready, heres the meat and potatoes of your login box:

//get the mysql authentication information and select the table
require

<?php
session_start();
require 'dblogin.php';
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or
    die ('Unable to connect. Check your connection parameters.');

mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));

//strip everything down. spaces, etc.  make sure that any scripts contained in the field are passified so that users dont try to mess with your script.
$username = (isset($_POST['username'])) ? $_POST['username'] : '';
$password = (isset($_POST['password'])) ? $_POST['password'] : '';

$username = stripslashes($username);
$password = stripslashes($password);

$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

//incase you want to repopulate your username textbox with the username if someone logs out.
$tmpname = (isset($_SESSION['tmpname'])) ? $_SESSION['tmpname'] : '';
$tracker = 0;

//if the submit button is pushed, begin the following.  this is long.
if (isset($_POST['submit']))
   {
   $tracker = 1;
   $tmpname = $username;
   $query = 'SELECT
               id, permission_level, name, last_login
            FROM
               clients
            WHERE
               username = "' . $username . '" AND
               password = PASSWORD("' . $password . '")';
   
   $result = mysql_query($query, $db) or die(mysql_error($db));
   if($row = mysql_fetch_array($result))
      {
      $_SESSION['user_id'] = $row['id'];
      $_SESSION['permission_level'] = $row['permission_level'];
      $_SESSION['name'] = $row['name'];
      $_SESSION['last_login'] = $row['last_login'];   
         $query =
            'UPDATE clients SET
               last_login = "' . date('Y-m-d H:i:s') . '"
            WHERE
               id = ' . $row['id'];      
               
      mysql_query($query, $db) or die (mysql_error($db));
      }
   }


   if (isset($_SESSION['name']))
      {
      echo '<div id = "userset"><table cellspacing = "20px"><tr>';
      echo '<td>Welcome, ' . $_SESSION['name'] ;
      echo '</td><td>';
      echo '<a href = "logout.php">';
      echo "Log out " . $_SESSION['name'] . "</a>";
      if($_SESSION['permission_level'] == 1)
         {
         echo ' | <a href = "admin.php">Admin</a>';
         }
      echo ' | <a href = "profile.php">Profile</a>';
      echo '</td>';
   ?>
   
   
   <form action = "search.php" method = "get">
         <td><input type = "text" id = "search" name = "keywords"  /></td>
         <td><input type = "submit" value = "search" /></td></tr>
      </form>

   
   <?php
      date_default_timezone_set ('America/Chicago');
      echo '<tr>';
      echo '<td></td><td>';
      echo date('F j');
      echo ', ';
      echo date('Y');
      echo '&nbsp;&nbsp;';
      echo date ('H:i');
      echo '</td></tr></table></div>';
      
      }else{    
      ?>
   
    <form action = "homepage.php" method = "post">
    <table id = "loginbox" cellspacing = "20px">
      <tr>
      <th style = "color: #8af;">Please Log In</th>
      
      <th>Username:&nbsp;
      <input type = "text" id = "user" name = "username" maxlength = "20" size = "20" value = "<?php echo $tmpname; ?>" /></th>
            
      <th>Password:&nbsp;
      <input type = "password" id = "pass" name = "password" maxlength = "20" size = "20" /></th>
      
      <th><input type="submit" name = "submit" value = "" /></th>
      <th style = "color: #8af;">Or &nbsp;<a href = "register.php" title = "register">Register</a></th>
      </tr>
      
      <tr>
      <td colspan = "7" ><a href="forgot_password.php">Forgot your password?</a></td>
      </tr>
      
      <tr><td colspan = "7">
      <?php
         if ($tracker == 1)
            {
            echo 'You have enterened an invalid username and password combination.';
            }
         echo '</td></tr><tr><td colspan = "7">';
         if ($tracker == 1)
            {
            echo 'Please try again.';
            }
         echo '</td></tr>';
      ?>
   </table>
   </form>

<?php } ?>


//now for the sake of clearity, this file is suppose to be named "Homepage.php".  the input tables are designed to submit this information to this exact same page with updated parameters.
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC