Authentication the Easy Way
Authentication the Easy Way
//save this file as
//index.php
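<?php
// index.php - login form.
// sendto.php and header.php redirect here after registering an $error code in
// the session; the matching message is printed above the form and the session
// is destroyed so the next attempt starts clean.
//
// NOTE(review): $error is read as a plain global, so this page depends on
// register_globals. With that setting a request parameter named "error" can
// presumably populate it as well - confirm for your configuration.
session_start(); //start session

// Error code => message, checked in this order:
//   1 - set by sendto.php: empty form, or no row matched the username/password
//   2 - set by header.php: the credentials held in the session matched no row
//   3 - set by header.php: the "time" inactivity cookie was missing
$login_errors = array(
    1 => "Invalid Login - Please try again",
    2 => "Unauthorized Access - Please Login",
    3 => "Session has expired - Please Login",
);

// NOTE(review): SID (below, in the form action) puts the session id into the
// URL whenever the browser sent no session cookie. Ids in URLs end up in
// server logs, browser history and Referer headers. header.php already
// requires the "time" cookie, so cookie-only sessions look sufficient here -
// confirm before dropping SID.
?>
<html>
<head>
</head>
<body>
<form method="POST" action="sendto.php?<?php echo SID; ?>">
<?php
// Full "<?php" tags are used throughout: with short_open_tag disabled a bare
// "<?" block is not executed and its source is sent to the browser as text.
foreach ($login_errors as $code => $message) {
    // Loose comparison on purpose: the code may arrive as a string.
    if ($error == $code) {
        echo "<font color=\"#FF0000\" face=\"arial\" size=\"2\">";
        echo $message;
        echo "</font>";
        echo "<br>";
        session_destroy();
    }
}
//setting the form now for input
?>
name:<br>
<input type="text" name="username" size="20">
<br>
password:
<br>
<input type="password" name="password" size="20">
<br>
<input type="submit" value="Submit" name="B1">
<br>
<input type="reset" value="Reset" name="B2">
</form>
</body>
</html>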
//end
//****************************************
//save this file as
//sendto.php
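<?php
// sendto.php - login gateway. It produces no output of its own: it checks the
// submitted username/password against the users table and redirects either to
// pageone.php (success) or back to index.php with error code 1 (failure).
//
// $username and $password are expected as globals filled from the POSTed form
// (register_globals); includedb.php supplies the connection and $connectdb1.
session_start(); //start the session
include("includedb.php");

$login_ok = false;

// Both fields must be non-empty (combined length of at least two characters,
// as in the original check) before the database is consulted.
if (strlen("$username" . "$password") >= 2 && @$username && @$password) {
    // The values go into a SQL string, so they must be escaped first.
    // If magic_quotes_gpc already added slashes, strip them so the input is
    // escaped exactly once, by the database-aware function.
    $raw_username = $username;
    $raw_password = $password;
    if (get_magic_quotes_gpc()) {
        $raw_username = stripslashes($raw_username);
        $raw_password = stripslashes($raw_password);
    }

    // NOTE(review): the password is compared as-is against the column, which
    // means the table stores passwords in plain text. Storing a salted hash
    // and comparing hashes would be the safer design.
    $sql = "SELECT username,password FROM $connectdb1"
        . " WHERE username='" . mysql_real_escape_string($raw_username) . "'"
        . " AND password='" . mysql_real_escape_string($raw_password) . "'";
    $res = @mysql_query($sql);

    // A failed query yields no row count, which is treated as a failed login.
    if (@mysql_num_rows($res) != 0) {
        $login_ok = true;
    }
}

if ($login_ok) {
    // Stored exactly as received, because header.php re-checks these values
    // against the table on every protected page.
    // NOTE(review): this keeps the clear-text password in the session store.
    $verified_user = $username;
    $verified_userpw = $password;
    session_register("verified_user");
    session_register("verified_userpw");

    // Inactivity marker: the cookie lapses after 60 seconds unless header.php
    // renews it. Change the domain to match yours (it needs two dots).
    // The final 0 means the cookie is also sent over plain HTTP.
    setcookie("time",$PHPSESSID,time()+60,"/",".mydomain.com",0);

    Header("Location: pageone.php");
    // Stop here so nothing else runs once the redirect has been queued.
    exit;
}

// Every other case - empty form, only one field filled in, or no matching
// row - goes back to the form with the "Invalid Login" message.
$error = 1;
session_register("error");
Header("Location: index.php");
exit;
?>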
//****************************************
//save this file as
//header.php
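<?php
// header.php - access check included at the top of every protected page.
// It connects to the database, confirms that the credentials held in the
// session still match a row in the users table, and confirms that the "time"
// inactivity cookie is present. On failure it registers an error code,
// redirects to index.php and stops the including page.
session_start();

//db stuff
$connection = mysql_connect("localhost","mydb","mydb") or die ("Could not connect to the MySQL Server");
$db = mysql_select_db("mydb", $connection) or die ("Unable to select database.");
$connectdb1="users";

// The session values were copied from form input by sendto.php, so they are
// escaped before being placed in the query. Slashes added by magic_quotes_gpc
// are stripped first so the value is escaped exactly once.
$session_user = $verified_user;
$session_userpw = $verified_userpw;
if (get_magic_quotes_gpc()) {
    $session_user = stripslashes($session_user);
    $session_userpw = stripslashes($session_userpw);
}
$res = @mysql_query(
    "SELECT username FROM $connectdb1"
    . " WHERE username='" . mysql_real_escape_string($session_user) . "'"
    . " AND password='" . mysql_real_escape_string($session_userpw) . "'"
);
if(@mysql_num_rows($res) == 0) {
    $error = 2;
    session_register("error");
    Header("Location: index.php");
    // A Location header alone does not end the script. Without this exit the
    // including page would keep running and send its content to a visitor
    // who failed the check.
    exit;
}

//using our good friend cookie here
// NOTE(review): only the presence of the cookie is tested, not its value, so
// the 60-second limit is enforced by the browser dropping the cookie rather
// than by the server.
$time=$HTTP_COOKIE_VARS["time"];
$timesl=strlen($time);
if($timesl<1) {
    $error = 3;
    session_register("error");
    Header("Location: index.php");
    exit;
}

//if no problems, reset the cookie to expire 60 seconds from now
//the domain must match yours, as in sendto.php
setcookie("time",$PHPSESSID,time()+60,"/",".mydomain.com",0);
?>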
//****************************************
//save this file as
//includedb.php
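<?php
// includedb.php - database bootstrap used by sendto.php.
// Defines $connection (the MySQL link), $db (result of selecting the
// database) and $connectdb1 (name of the users table).

// sendto.php has already called session_start() before including this file.
// Starting the session a second time raises a notice, and a notice that is
// displayed counts as output, which breaks the Header() redirects that follow.
// Only start a session when none is active.
if (session_id() == "") {
    session_start();
}

// NOTE(review): "mydb"/"mydb" are sample credentials. Use an account limited
// to the rights this application needs, and keep the real values out of any
// file the web server could serve as plain text.
$connection = mysql_connect("localhost","mydb","mydb") or die ("Could not connect to the MySQL Server");
$db = mysql_select_db("mydb", $connection) or die ("Unable to select database.");
$connectdb1="users";
?>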
//****************************************
//save this file as
//pageone.php
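<?php
// pageone.php - first protected page. header.php performs the access check
// and provides $connection, $connectdb1 and the session's $verified_user.
include("header.php");

//for testing purposes you can see which user is logged in; the "this is page
//one" text is only there so you can tell the pages apart
echo "this is page one";
echo "<br>Your username is: ";
// The username came from form input, so it is HTML-escaped before display.
echo htmlspecialchars($verified_user, ENT_QUOTES);
// The password is deliberately no longer printed: echoing it puts the
// credential into the page body, where caches and onlookers can read it.

//add your database query here
// Escape the username before building the query; strip slashes added by
// magic_quotes_gpc first so the value is escaped exactly once.
$page_user = $verified_user;
if (get_magic_quotes_gpc()) {
    $page_user = stripslashes($page_user);
}
$sql1 = "SELECT color FROM $connectdb1 WHERE username=\"" . mysql_real_escape_string($page_user) . "\"";
$sql_result1 = mysql_query($sql1,$connection) or die ("Cant do sql1");

// Start from a known value so that, when no row matches, $color cannot be
// left undefined or be supplied from the request under register_globals.
$color = "";
while ($row = mysql_fetch_object($sql_result1))
{
    $color=$row->color;
}
//you can add whatever you like from this point on
?>
<br>
You did good. this is pageone.php. now go to <a href="pagetwo.php">pagetwo.php</a>
<hr>
<?php
//i added a variable to output; database content is escaped like any other
//value that is written into HTML
echo htmlspecialchars($color, ENT_QUOTES);
?>
<hr>
<?php
//adds the logout button
include ("logoutform.php");
?>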
//****************************************
//save this file as
//pagetwo.php
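<?php
// pagetwo.php - second protected page. header.php performs the access check
// and provides $connection, $connectdb1 and the session's $verified_user.
include("header.php");
echo "i knew you could do it!";
echo "<br>";

//add your database query here
// Escape the username before building the query; strip slashes added by
// magic_quotes_gpc first so the value is escaped exactly once.
$page_user = $verified_user;
if (get_magic_quotes_gpc()) {
    $page_user = stripslashes($page_user);
}
$sql1 = "SELECT color FROM $connectdb1 WHERE username=\"" . mysql_real_escape_string($page_user) . "\"";
$sql_result1 = mysql_query($sql1,$connection) or die ("Cant do sql1");

// Start from a known value so that, when no row matches, $color cannot be
// left undefined or be supplied from the request under register_globals.
$color = "";
while ($row = mysql_fetch_object($sql_result1))
{
    $color=$row->color;
}
//you can add whatever you like from this point on
?>
<br>
You did good. this is pagetwo.php. now go to <a href="pageone.php">pageone.php</a>
<hr>
<?php
//i added a variable to output; database content is escaped like any other
//value that is written into HTML
echo htmlspecialchars($color, ENT_QUOTES);
?>
<hr>
<?php
//adds the logout button
include ("logoutform.php");
?>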
//****************************************
//save this file as
//logout.php
<?php
// logout.php - ends the login.
// The two credential variables are overwritten with a single space and
// re-registered, the session is destroyed, and the browser is redirected to
// the custom goodbye page.
session_start();

// Blank both values in one go, then register them with a single call.
$verified_user = $verified_userpw = " ";
session_register("verified_user", "verified_userpw");

session_destroy();

// No output has been produced, so the redirect header can be sent last.
Header("Location: bye.php");
?>
//****************************************
//save this file as
//logoutform.php
<?php
// logoutform.php - prints the logout button; included at the bottom of each
// protected page. The form posts to logout.php.
echo "\n"
    . '<form method="POST" action="logout.php">' . "\n"
    . '<input type="submit" value="Logout">' . "\n"
    . '</form>' . "\n";
?>
//****************************************
//save this file as
//bye.php
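<?php
// bye.php - custom goodbye page shown after logout.php.
// It offers a link back to the login form and a link to pageone.php, so you
// can confirm that a protected page sends you back to the login form once
// you have logged out.
echo "thanks for visiting";
echo "<br>";
echo "<a href=\"index.php\">Login Again</a>";
echo "<hr>";
echo "bet you would like to try to get back into page one without logging in, huh?";
echo "<br>";
echo "go ahead and try, but don't say I didn't warn you!!";
echo "<br>";
// The closing </a> was missing, which left the link element open.
echo "<a href=\"pageone.php\">pageone.php</a>";
?>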
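//that's it.
//not terribly sophisticated, but it does work
//note: it relies on register_globals, session_register() and the mysql_* functions,
//all of which were removed in later PHP releases, and it stores and compares passwords in plain text
//you can combine this with other things on this site
//to develop a cool system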