• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net
managed wordpress hosting

A Beginner to Coding?

Code:
CREATE TABLE IF NOT EXISTS `storage` (
  `username` int(30) NOT NULL default '',
  `password` int(30) NOT NULL default '',
  `ID` int(10) unsigned NOT NULL default '0',
  PRIMARY KEY  (`ID`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

I can't remember it correctly right now but I think that's it.
 
allright:)

make sure you have a blank table, no rows, cols or anything.

then:
Picture 1.png

now make it look like this:
Picture 2.png

ok great! you've made your table structure.

Now go to insert. leave id blank, type in a username and a password and you're done!
 
Thanks Dynash and JohnN, I think that's it, Well mine quite doesn't look like the one it has there...it doesn't show the username or password like the one I wanted it to like does. I don't know if I did something wrong...or its a different version...I don't know.

Also, when I tried to put the script on my index.php page, I get an error looking like this:
Parse error: syntax error, unexpected T_STRING in /home/digitial/public_html/index.php on line 22

This is line 22, is there something wrong?:
Code:
$get=mysql_query("SELECT count(id) FROM login WHERE user='$user' and pass='$pass");

Also, I'm not really good at FTP...so is it bad to use the file manager on the cPanel? If not, where do I go to upload an image on the main index page?

Thanks.
 
Last edited:
Code:
$get=mysql_query("SELECT count(id) FROM `login` WHERE user=`{$user}` and pass=`{$pass}`");

Is the correct way I believe. What's with id though? It's not a mySQL loop var--oh wait, nevermind.
 
Last edited:
here is a simple login script that i hope helps you advance your knowledge. i have commented it a lot, so, i hope it helps you understand what was done.

first, you will need to create a database with a table named "login", no quotes. That table will need a couple values entered in. there is only 2 columns really needed. "user" and "pass"

make sure the password value is entered in the database as an md5 encrypted password. you can use this site for a converter.

now, create a script to allow you to connect to your database.
PHP:
<?php

$DATABASEname = "DATABASE"; // Database name
$DATABASEuser = "USER"; // User with rights to the database
$USERpassword = "PASSWORD"; // Users password
$MYSQLhost = "HOST"; // Mysql host, typically localhost

// Make the connection.
mysql_connect($MYSQLhost, $DATABASEuser, $USERpassword) OR die ('Could cont connect to MySQL: '.mysql_error());
mysql_select_db($DATABASEname) OR die ('Could not select the database: '.mysql_error() );

?>

ok, time for the fun stuff, create an index page for the login form. create a new file named "index.php"
PHP:
<?php # index.php

/*******************************************************************************
* iBright Login is a product of::
* © Method Computer Technologies ® All Rights Reserved 2006 - 2008
* 
* Author: Justin St. Germain
* 
* Method Computer Technologies
* 00+1+(480)233-5006
*
*******************************************************************************/

include ('connect.php'); // Connect to the database.

// Send NOTHING to the Web browser prior to the session_start() line!

// Check if the form has been submitted
if (isset($_POST['submitted'])) {

	$errors = array(); // Initialize error array.
	
	//Check for a username
	if (empty($_POST['username'])) { // if the username wasnt entered
		$errors[] = 'You need to enter a username.';
	} else { // find the user name
		$n = mysql_real_escape_string($_POST['username']);
	}
	
	//Check for a password
	if (empty($_POST['password'])) { // If the password was not entered
		$errors[] = 'You need to enter a password.';
	} else { // run the password that was entered through md5 encryption check
		$p =  mysql_real_escape_string(md5($_POST['password']));
	}
	
	if (empty($errors)) { //If everything's OK.
	
		/* Retrieve the user and pass
		for username and password combination */
		$query = "SELECT user, pass FROM login WHERE user='$n' AND pass='$p'";
		$result = @mysql_query ($query); // Run the query
		$row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if applicable.
		
		if ($row) { // A record was pulled from the database.
		
			// Set the session data & redirect.
			session_name ('uID');
			session_start();
			$_SESSION['user'] = $row[0];
			$_SESSION['pass'] = $row[1];
			$_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);
			
			// Redirect the user to the admin.php (SUCCESSFUL LOGIN) page.
			// Start defining the URL.
			$url = $strAdminURL;
			// Check for a trailing slash
			if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
				$url = substr ($url, 0, -1); // Chop off the slash.
			}
			// Add the page.
			$url .= '/admin.php';

			header("Location: $url");
			exit(); // Quit the script.

		} else { // No record matched the query.
			$errors[] = 'The username and password you entered do not match those on file.';  // Public Message.
		}
		
	} // End of if (empty($errors)) IF
	
	mysql_close(); // Closes the database connection.
	
} else { // Form has not been submitted.

	$errors = NULL;
	
}

//Begin the page login area now.
$page_title = 'Login';

?>

<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1250">
<title><?=$pT?></title>
</head>
<body> 

Welcome to the admin panel.  Please login to start editing the site to your specifications.
<br><br>


<?

if (!empty($errors)) { // Print any error messages.
	echo '<strong>Error!</strong><br/>
		The following error(s) occured:<br/>';
	foreach ($errors as $msg) { // Print each error.
		echo " - $msg<br/>\n";
	}
	echo '<br/>Please try again.';
}

// Error message if someone trys to bypass the login.
if (isset($_GET['error'])) {
	echo 'Error!<br/>
		The following error(s) occured:<br/>';
	echo ' - Please enter a username and password to access the admin panel.';
}

// Create the form.
?>


<b>Login</b>
<form action="index.php" method="post">
	<p>Username:<br>
	<input class="textArea" type="text" name="username" size="20" maxlength="40" /><br/>
	Password:<br>
	<input class="textArea" type="password" name="password" size="20" maxlength="20" /></p>
	<p><input type="submit" name="submit" value="Login" /></p>
	<input type="hidden" name="submitted" value="TRUE" />
</form>


</body>
</html>

now, you need create a file that will check to see if someone has tried to bypass your login or not, and if they do try to, it will kick them back to the login page and display an error. name this file "process.php"
PHP:
<?php # process.php
# User is checked here after login.

session_name ('uID');
session_start(); // Start the session
		
// If no session value is present, redirect the user
if (!isset($_SESSION['agent']) OR ($_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT'])) ) {

	// Start defining the URL
	$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
	// Check for a trailing slash
	if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
		$url = substr ($url, 0, -1); // Chop off the slash.
	}
	$url .= '/index.php?error=1'; // Add the page.
	header("Location: $url");
	exit(); // Quit the script.
	
}

?>

now that the bypass checking is done, we need to create a page to go to if you have successfully logged in. name this page "admin.php"
PHP:
<?php 

require_once ('process.php'); // Make sure that the login was not bypassed.

// If the user logged in successfully, display the following message.
echo "Welcome to the admin panel. You have built a successful login script.<br/>\n";
echo "Every login scripts needs a way to log out, so, <a href=\"logout.php\">click here</a> to end the session.\n";

?>

now we need to be able to log out. create "logout.php"
PHP:
<?php

session_name ('uID'); // define the session to logout of.
session_start(); // declare that we are using sessions
unset($_SESSION['user'], $_SESSION['pass'], $_SESSION['agent']); // unset our sessions
session_destroy(); // now destory them and remove them from the users browser

// Start defining the URL
$url = 'http://' . $_SERVER['HTTP_HOST'];

// Check for a trailing slash
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
	$url = substr ($url, 0, -1); // Chop off the slash.
}

$url .= '/index.php'; // Add the page.

header("Location: $url"); // forward you to a page of your choice

exit(); // exit

?>

there you have it. i hope that helps you.
 
This is line 22, is there something wrong?:
Code:
$get=mysql_query("SELECT count(id) FROM login WHERE user='$user' and pass='$pass");

just put...

PHP:
$get=mysql_query("SELECT * FROM login WHERE user='$user' and pass='$pass");
 
I actually found that out a little while ago, but even when I fixed it, it still gave me the same error, I was using mysitename.com/index.php but I had to use mysitename.com/index.html

Why is it when I use the HTML extension it works, but not when I use the PHP one?
 
You missed then ending single quote on $pass. It's fixed in the below code.

Code:
$get=mysql_query("SELECT COUNT(id) FROM login WHERE user='$user' and pass='$pass'");
haha, totally passed that over. ;)
I actually found that out a little while ago, but even when I fixed it, it still gave me the same error, I was using mysitename.com/index.php but I had to use mysitename.com/index.html

Why is it when I use the HTML extension it works, but not when I use the PHP one?

explain a little more. not making much sense. :S
 
Using .htaccess :p

Code:
AddType application/x-httpd-php .html
AddType application/x-httpd-php .htm

Also using tpl files, in the smarty template engine.
 
Using .htaccess :p

Some hosts don't allow that file (Exa: T35.com) and FTP will spit out the following message:

Forbidden Filename: .htaccess

Using the workaround to get a PHP file to write an .htaccess produces an empty .htaccess file.
 
Back
Top