First things first: you need to connect to the database before you can check for a login name and password.
Make a folder called "includes", and a file called "phpconnect.php" inside it.
PHP Code:
<?php #phpconnect.php
// Note: the mysql_* functions used in these scripts were removed in PHP 7,
// so this code needs PHP 5 (or a port to mysqli/PDO).
//error_reporting(E_ALL);
// Set the database access information as constants.
DEFINE ('DB_USER', 'PUT DATABASE USERNAME HERE');
DEFINE ('DB_PASSWORD', 'PUT YOUR PASSWORD HERE');
DEFINE ('DB_HOST', 'localhost'); // Normally it is localhost, but if not, change it.
DEFINE ('DB_NAME', 'PUT YOUR DATABASE NAME HERE');
// Make the connection.
$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );
// Select the database.
@mysql_select_db (DB_NAME) OR die ('Could not select the database: ' . mysql_error() );
?>
Next you will need a page to enter the info on to try and log in to the admin area. Make a file named "index.php" and put it in a folder named "admin" (put the includes folder in the admin folder too). This index file will be the login page.
PHP Code:
<?php # index.php
// Send NOTHING to the Web browser prior to the session_start() line!
// Check if the form has been submitted
if (isset($_POST['submitted'])) {
    require_once('includes/phpconnect.php'); // Connect to the database.
    $errors = array(); // Initialize error array.
    // Check for a username
    if (empty($_POST['username'])) {
        $errors[] = 'You need to enter a username.';
    } else {
        // Escape the value before it goes into the query (prevents SQL injection).
        $n = mysql_real_escape_string($_POST['username']);
    }
    // Check for a password
    if (empty($_POST['password'])) {
        $errors[] = 'You need to enter a password.';
    } else {
        // Escape the value before it goes into the query (prevents SQL injection).
        $p = mysql_real_escape_string($_POST['password']);
    }
    if (empty($errors)) { // If everything's OK.
        /* Retrieve the user and pass
           for username and password combination */
        $query = "SELECT user, pass FROM login WHERE user='$n' AND pass='$p'";
        $result = @mysql_query ($query); // Run the query
        // Return a record, if applicable (false if the query itself failed).
        $row = $result ? mysql_fetch_array ($result, MYSQL_NUM) : false;
        if ($row) { // A record was pulled from the database.
            // Set the session data & redirect.
            session_name ('uID');
            session_start();
            $_SESSION['user'] = $row[0];
            $_SESSION['pass'] = $row[1];
            $_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);
            // Redirect the user to the admin.php page.
            // Start defining the URL.
            $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
            // Check for a trailing slash
            if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
                $url = substr ($url, 0, -1); // Chop off the slash.
            }
            // Add the page.
            $url .= '/admin.php';
            header("Location: $url");
            exit(); // Quit the script.
        } else { // No record matched the query.
            $errors[] = 'The username and password you entered do not match those on file.'; // Public Message.
            // Debugging message. Enable only while developing: it shows the
            // full query, including the submitted password, to the visitor.
            // $errors[] = mysql_error() . '<br/><br/>Query: ' . $query;
        }
    } // End of if (empty($errors)) IF
    mysql_close(); // Closes the database connection.
} else { // Form has not been submitted.
    $errors = NULL;
}
// Begin the page login area now.
$page_title = 'Login';
include('includes/admin_header.php');
if (!empty($errors)) { // Print any error messages.
    echo '<b>Error!</b>
<p>The following error(s) occurred:<br/>';
    foreach ($errors as $msg) { // Print each error.
        echo " - $msg<br/>\n";
    }
    echo '</p><p>Please try again.</p>';
}
// Create the form.
// Error message if someone tries to bypass the login.
if (isset($_GET['error'])) {
    echo '<p>You must login before trying to access the admin panel.</p>';
}
?>
<b>Login</b>
<form action="index.php" method="post">
<p>Username:<br>
<input type="text" name="username" size="20" maxlength="40" /><br/>
Password:<br>
<input type="password" name="password" size="20" maxlength="20" /></p>
<p><input type="submit" name="submit" value="Login" /></p>
<input type="hidden" name="submitted" value="TRUE" />
</form>
Next you will need a page to direct to once you are logged in, so make a file named "admin.php" and put it in the admin folder.
PHP Code:
<?php #admin.php
require_once ('process.php'); // Redirects to the login page unless logged in.
include ('includes/phpconnect.php');
// strpos() returns false when 'logout.php' is not part of the current path.
if ( (isset($_SESSION['user'])) && (strpos($_SERVER['PHP_SELF'], 'logout.php') === false) ) {
    echo '<a href="admin.php">Admin Home</a> | <a href="logout.php" title="Logout">Logout</a><br/><br/>';
} else {
    echo '';
}
echo 'Welcome to the Admin Panel.';
?>
You will notice that the script will not work if you end here. At the top of the admin.php file, you should have noticed a call to the process.php file. Well, don't panic, I haven't posted that code yet. What the process.php file does is check whether you are logged in; if you aren't, it redirects you to the login page. So, make a file called "process.php" and put it in the admin folder.
PHP Code:
<?php # process.php
# User is checked here after login.
session_name ('uID');
session_start(); // Start the session
// If no session value is present, redirect the user
if (!isset($_SESSION['agent']) OR ($_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT'])) ) {
    // Start defining the URL
    $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
    // Check for a trailing slash
    if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
        $url = substr ($url, 0, -1); // Chop off the slash.
    }
    $url .= '/index.php?error=1'; // Add the page.
    header("Location: $url");
    exit(); // Quit the script.
}
?>
Now, last but not least, you will want a logout file too, so that the logout link you created in the admin panel will work. So, create a file named "logout.php".
PHP Code:
<?php #logout.php
session_name ('uID'); // define the session to log out of.
session_start(); // declare that we are using sessions
unset($_SESSION['user'], $_SESSION['pass'], $_SESSION['agent']); // unset our session values
session_destroy(); // now destroy the session data stored on the server
// Start defining the URL
$url = 'http://' . $_SERVER['HTTP_HOST'];
// Check for a trailing slash
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
    $url = substr ($url, 0, -1); // Chop off the slash.
}
$url .= '/index.php'; // Add the page.
header("Location: $url"); // forward you to a page of your choice
exit(); // exit
?>
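A hardened variant of the login check in index.php, as an added example that is not the original poster's code: it uses a prepared statement instead of placing $_POST values in the query text, and checks the password with password_verify(). It assumes the pass column holds password_hash() output (the tutorial stores the password as entered) and uses an in-memory SQLite database through PDO as a stand-in so it runs without a server; check_login and the sample rows are constructed for illustration.

```php
<?php
// Added example. Assumes login.pass stores password_hash() output.

// Returns the stored username on success, null on any failure.
function check_login(PDO $db, string $user, string $password): ?string
{
    // The placeholder keeps user input out of the SQL text entirely,
    // so quote characters in $user cannot change the query.
    $stmt = $db->prepare('SELECT user, pass FROM login WHERE user = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // The password never reaches the database; it is compared to the hash here.
    if ($row === false || !password_verify($password, $row['pass'])) {
        return null;
    }
    return $row['user'];
}

// Constructed demo data: in-memory SQLite stands in for the MySQL database.
// With MySQL only the DSN and credentials passed to new PDO() change.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE login (user TEXT PRIMARY KEY, pass TEXT)');
$db->prepare('INSERT INTO login (user, pass) VALUES (?, ?)')
   ->execute(['admin', password_hash('correct horse', PASSWORD_DEFAULT)]);

// Constructed login attempts.
$attempts = [
    ['admin', 'correct horse'],        // valid credentials
    ['admin', 'wrong'],                // wrong password
    ["admin' OR '1'='1", 'anything'],  // quotes are treated as part of the name
    ['nobody', 'correct horse'],       // unknown user
];
foreach ($attempts as [$u, $p]) {
    $who = check_login($db, $u, $p);
    printf("%-18s => %s\n", $u, $who === null ? 'rejected' : "logged in as $who");
}
```

In the login page itself, call session_regenerate_id(true) after a successful check and store only the username in $_SESSION, not the password.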