Login Register






SMTPMart - Buy Inbox SMTP | Leads | Shell | cPanel 100% Bonus on 1st deposit | Instant Refunds
ProxyByte $2/GB | Residential IPv4 - No Logs - 26M+ IPs - All unblocked
REFUNDING.GG | #1 REFUND SERVICE | SAME DAY REFUNDS | WORLDWIDE ORDERS | GET ITEMS 85% OFF
New Ownership - Policies and Changes Going Forward
Thread Rating:
  • 0 Vote(s) - 0 Average


MySQL and PHP simple login system filter_list
Author
Message
TheDarkNight Offline
Developer
Eleven Years of Service
Posts: 74
Threads: 5
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 05-09-2013, 11:54 AM #11
No :facepalm: you should be using MySQLi functions as MySQL is deprecated but I guess it's good for beginners good work op.
Know PHP - HTML 5 - CSS3

Learning C

Hello there, [username] Need Help PM me now!


Please Visit my friends and I website : Creative Programming


[Image: LGqjaYA.gif]

Reply

TheDarkNight Offline
Developer
Eleven Years of Service
Posts: 74
Threads: 5
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 05-09-2013, 11:54 AM #12
No :facepalm: you should be using MySQLi functions as MySQL is deprecated but I guess it's good for beginners good work op.
Know PHP - HTML 5 - CSS3

Learning C

Hello there, [username] Need Help PM me now!


Please Visit my friends and I website : Creative Programming


[Image: LGqjaYA.gif]

Reply

noize Offline
To create is to live twice.
Twelve Years of Service
Posts: 1,185
Threads: 62
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 05-09-2013, 02:43 PM #13
(05-08-2013, 08:45 PM)Feurex Wrote: I have found some syntax errors, I have corrected them and here is the complete edited code.

Code:
<?php
require_once('connect.php'); // connects to the db
mysql_select_db($dbname);

if (isset($_POST['submit'])) { // this is executed when the user clicks on the submit button
        session_start();
        $username = $_POST['user'];
        $password = $_POST['pass'];        
        $conn = mysql_connect($dbhost,$dbuser,$dbpass) or die ('Error connecting to mysql');
        mysql_select_db($dbname);
        $query = sprintf("SELECT COUNT(id) FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",
            mysql_real_escape_string($username),
            mysql_real_escape_string(($password)));
        $result = mysql_query($query);
        list($count) = mysql_fetch_row($result);
        if($count == 1) { // if we found the user/pass combination
            $_SESSION['authenticated'] = true;
            $_SESSION['username'] = $username;
                mysql_real_escape_string($username);
                mysql_real_escape_string(($password));
            mysql_query($query);
            $query = sprintf("SELECT is_admin FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",mysql_real_escape_string($username),mysql_real_escape_string(($password)));
            $result = mysql_query($query);
            list($is_admin) = mysql_fetch_row($result);
            $query = sprintf("SELECT confirmed FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",mysql_real_escape_string($username),mysql_real_escape_string(($password)));
            $result = mysql_query($query);
            list($confirmed) = mysql_fetch_row($result);
            if($is_admin == 0) {
                header('Location:user.php'); // is_admin = 0
            } else {
                header('Location:admin/index.php'); // is_admin = 1, or at least not 0
            }
        } else { // we didn't find the user/pass combination ?>

<span style='color:red'>
Error: username/password combination does not exist!<br>
Forgot your password? You can <font color="blue" style="text-decoration: underline; cursor: pointer;" title="Lol, just kidding, you're fucked!">get a new one</font></a>.
</span>
<?php
    }
}


$query = sprintf("SELECT id FROM users WHERE UPPER(username) = UPPER('%s')",
            mysql_real_escape_string($_SESSION['username']));
$result = mysql_query($query);
list($userID) = mysql_fetch_row($result);
$username = $_SESSION['username']; // this way we get user's username in case he is already logged in
if ($username != NULL) {
    echo 'You are logged in as ' , $username ,'.'; // if he's logged in we tell him
} else { // or else we let him log in
?>
<form method="post" action="">
<input type="text" name="user" />
<input type="password" name="pass" />
<input type="submit" value="Log in" />
<input type="hidden" name="submit" />
</form>
<?php
}
?>

You think you can remember the edits you apported and point them to me? I could actually find a redirect change to user.php only. Well, it wasn't an error in my code to redirect the user to index.php, but well it's no difference, I could actually use user.php too. The fact is I couldn't find the other changes.

(05-08-2013, 09:11 PM)1llusion Wrote: Nice tutorial Smile

However, the mysql_query extension is deprecated and will be removed eventually from PHP making your script incompatible with new versions of PHP.
I suggest anybody, who wants to keep their script up-to-date to use either MySQLi or PDO extension => http://www.php.net/manual/en/mysqlinfo.api.choosing.php

(05-09-2013, 11:54 AM)TheDarkNight Wrote: No :facepalm: you should be using MySQLi functions as MySQL is deprecated but I guess it's good for beginners good work op.

Thanks, I had heard of mysql_query's deprecation, but, actually I couldn't stop using it. :lol:

I'll surely have a look at what will take place over it soon, I swear.
My Bitcoin address: 1AtxVsSSG2Z8JfjNy9KNFDUN6haeKr7LiP
Give me money by visiting www.google.com here: http://coin-ads.com/6Ol83U

If you want a Bitcoin URL shortener/advertiser, please, use this referral: http://coin-ads.com/register.php?refid=noize

Reply

noize Offline
To create is to live twice.
Twelve Years of Service
Posts: 1,185
Threads: 62
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 05-09-2013, 02:43 PM #14
(05-08-2013, 08:45 PM)Feurex Wrote: I have found some syntax errors, I have corrected them and here is the complete edited code.

Code:
<?php
require_once('connect.php'); // connects to the db
mysql_select_db($dbname);

if (isset($_POST['submit'])) { // this is executed when the user clicks on the submit button
        session_start();
        $username = $_POST['user'];
        $password = $_POST['pass'];        
        $conn = mysql_connect($dbhost,$dbuser,$dbpass) or die ('Error connecting to mysql');
        mysql_select_db($dbname);
        $query = sprintf("SELECT COUNT(id) FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",
            mysql_real_escape_string($username),
            mysql_real_escape_string(($password)));
        $result = mysql_query($query);
        list($count) = mysql_fetch_row($result);
        if($count == 1) { // if we found the user/pass combination
            $_SESSION['authenticated'] = true;
            $_SESSION['username'] = $username;
                mysql_real_escape_string($username);
                mysql_real_escape_string(($password));
            mysql_query($query);
            $query = sprintf("SELECT is_admin FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",mysql_real_escape_string($username),mysql_real_escape_string(($password)));
            $result = mysql_query($query);
            list($is_admin) = mysql_fetch_row($result);
            $query = sprintf("SELECT confirmed FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",mysql_real_escape_string($username),mysql_real_escape_string(($password)));
            $result = mysql_query($query);
            list($confirmed) = mysql_fetch_row($result);
            if($is_admin == 0) {
                header('Location:user.php'); // is_admin = 0
            } else {
                header('Location:admin/index.php'); // is_admin = 1, or at least not 0
            }
        } else { // we didn't find the user/pass combination ?>

<span style='color:red'>
Error: username/password combination does not exist!<br>
Forgot your password? You can <font color="blue" style="text-decoration: underline; cursor: pointer;" title="Lol, just kidding, you're fucked!">get a new one</font></a>.
</span>
<?php
    }
}


$query = sprintf("SELECT id FROM users WHERE UPPER(username) = UPPER('%s')",
            mysql_real_escape_string($_SESSION['username']));
$result = mysql_query($query);
list($userID) = mysql_fetch_row($result);
$username = $_SESSION['username']; // this way we get user's username in case he is already logged in
if ($username != NULL) {
    echo 'You are logged in as ' , $username ,'.'; // if he's logged in we tell him
} else { // or else we let him log in
?>
<form method="post" action="">
<input type="text" name="user" />
<input type="password" name="pass" />
<input type="submit" value="Log in" />
<input type="hidden" name="submit" />
</form>
<?php
}
?>

You think you can remember the edits you apported and point them to me? I could actually find a redirect change to user.php only. Well, it wasn't an error in my code to redirect the user to index.php, but well it's no difference, I could actually use user.php too. The fact is I couldn't find the other changes.

(05-08-2013, 09:11 PM)1llusion Wrote: Nice tutorial Smile

However, the mysql_query extension is deprecated and will be removed eventually from PHP making your script incompatible with new versions of PHP.
I suggest anybody, who wants to keep their script up-to-date to use either MySQLi or PDO extension => http://www.php.net/manual/en/mysqlinfo.api.choosing.php

(05-09-2013, 11:54 AM)TheDarkNight Wrote: No :facepalm: you should be using MySQLi functions as MySQL is deprecated but I guess it's good for beginners good work op.

Thanks, I had heard of mysql_query's deprecation, but, actually I couldn't stop using it. :lol:

I'll surely have a look at what will take place over it soon, I swear.
My Bitcoin address: 1AtxVsSSG2Z8JfjNy9KNFDUN6haeKr7LiP
Give me money by visiting www.google.com here: http://coin-ads.com/6Ol83U

If you want a Bitcoin URL shortener/advertiser, please, use this referral: http://coin-ads.com/register.php?refid=noize

Reply

TheDarkNight Offline
Developer
Eleven Years of Service
Posts: 74
Threads: 5
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 05-09-2013, 02:48 PM #15
(05-09-2013, 02:43 PM)noize Wrote:
(05-08-2013, 08:45 PM)Feurex Wrote: I have found some syntax errors, I have corrected them and here is the complete edited code.

Code:
<?php
require_once('connect.php'); // connects to the db
mysql_select_db($dbname);

if (isset($_POST['submit'])) { // this is executed when the user clicks on the submit button
        session_start();
        $username = $_POST['user'];
        $password = $_POST['pass'];        
        $conn = mysql_connect($dbhost,$dbuser,$dbpass) or die ('Error connecting to mysql');
        mysql_select_db($dbname);
        $query = sprintf("SELECT COUNT(id) FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",
            mysql_real_escape_string($username),
            mysql_real_escape_string(($password)));
        $result = mysql_query($query);
        list($count) = mysql_fetch_row($result);
        if($count == 1) { // if we found the user/pass combination
            $_SESSION['authenticated'] = true;
            $_SESSION['username'] = $username;
                mysql_real_escape_string($username);
                mysql_real_escape_string(($password));
            mysql_query($query);
            $query = sprintf("SELECT is_admin FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",mysql_real_escape_string($username),mysql_real_escape_string(($password)));
            $result = mysql_query($query);
            list($is_admin) = mysql_fetch_row($result);
            $query = sprintf("SELECT confirmed FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",mysql_real_escape_string($username),mysql_real_escape_string(($password)));
            $result = mysql_query($query);
            list($confirmed) = mysql_fetch_row($result);
            if($is_admin == 0) {
                header('Location:user.php'); // is_admin = 0
            } else {
                header('Location:admin/index.php'); // is_admin = 1, or at least not 0
            }
        } else { // we didn't find the user/pass combination ?>

<span style='color:red'>
Error: username/password combination does not exist!<br>
Forgot your password? You can <font color="blue" style="text-decoration: underline; cursor: pointer;" title="Lol, just kidding, you're fucked!">get a new one</font></a>.
</span>
<?php
    }
}


$query = sprintf("SELECT id FROM users WHERE UPPER(username) = UPPER('%s')",
            mysql_real_escape_string($_SESSION['username']));
$result = mysql_query($query);
list($userID) = mysql_fetch_row($result);
$username = $_SESSION['username']; // this way we get user's username in case he is already logged in
if ($username != NULL) {
    echo 'You are logged in as ' , $username ,'.'; // if he's logged in we tell him
} else { // or else we let him log in
?>
<form method="post" action="">
<input type="text" name="user" />
<input type="password" name="pass" />
<input type="submit" value="Log in" />
<input type="hidden" name="submit" />
</form>
<?php
}
?>

You think you can remember the edits you apported and point them to me? I could actually find a redirect change to user.php only. Well, it wasn't an error in my code to redirect the user to index.php, but well it's no difference, I could actually use user.php too. The fact is I couldn't find the other changes.

(05-08-2013, 09:11 PM)1llusion Wrote: Nice tutorial Smile

However, the mysql_query extension is deprecated and will be removed eventually from PHP making your script incompatible with new versions of PHP.
I suggest anybody, who wants to keep their script up-to-date to use either MySQLi or PDO extension => http://www.php.net/manual/en/mysqlinfo.api.choosing.php

(05-09-2013, 11:54 AM)TheDarkNight Wrote: No :facepalm: you should be using MySQLi functions as MySQL is deprecated but I guess it's good for beginners good work op.

Thanks, I had heard of mysql_query's deprecation, but, actually I couldn't stop using it. :lol:

I'll surely have a look at what will take place over it soon, I swear.

This is the most explain tutorial that i learn't to use MySQLi idk if you will like it but it is http://www.phpknowhow.com/mysql/mysqli-p...functions/ Enjoy =D :thumbs:
Know PHP - HTML 5 - CSS3

Learning C

Hello there, [username] Need Help PM me now!


Please Visit my friends and I website : Creative Programming


[Image: LGqjaYA.gif]

Reply

TheDarkNight Offline
Developer
Eleven Years of Service
Posts: 74
Threads: 5
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 05-09-2013, 02:48 PM #16
(05-09-2013, 02:43 PM)noize Wrote:
(05-08-2013, 08:45 PM)Feurex Wrote: I have found some syntax errors, I have corrected them and here is the complete edited code.

Code:
<?php
require_once('connect.php'); // connects to the db
mysql_select_db($dbname);

if (isset($_POST['submit'])) { // this is executed when the user clicks on the submit button
        session_start();
        $username = $_POST['user'];
        $password = $_POST['pass'];        
        $conn = mysql_connect($dbhost,$dbuser,$dbpass) or die ('Error connecting to mysql');
        mysql_select_db($dbname);
        $query = sprintf("SELECT COUNT(id) FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",
            mysql_real_escape_string($username),
            mysql_real_escape_string(($password)));
        $result = mysql_query($query);
        list($count) = mysql_fetch_row($result);
        if($count == 1) { // if we found the user/pass combination
            $_SESSION['authenticated'] = true;
            $_SESSION['username'] = $username;
                mysql_real_escape_string($username);
                mysql_real_escape_string(($password));
            mysql_query($query);
            $query = sprintf("SELECT is_admin FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",mysql_real_escape_string($username),mysql_real_escape_string(($password)));
            $result = mysql_query($query);
            list($is_admin) = mysql_fetch_row($result);
            $query = sprintf("SELECT confirmed FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'",mysql_real_escape_string($username),mysql_real_escape_string(($password)));
            $result = mysql_query($query);
            list($confirmed) = mysql_fetch_row($result);
            if($is_admin == 0) {
                header('Location:user.php'); // is_admin = 0
            } else {
                header('Location:admin/index.php'); // is_admin = 1, or at least not 0
            }
        } else { // we didn't find the user/pass combination ?>

<span style='color:red'>
Error: username/password combination does not exist!<br>
Forgot your password? You can <font color="blue" style="text-decoration: underline; cursor: pointer;" title="Lol, just kidding, you're fucked!">get a new one</font></a>.
</span>
<?php
    }
}


$query = sprintf("SELECT id FROM users WHERE UPPER(username) = UPPER('%s')",
            mysql_real_escape_string($_SESSION['username']));
$result = mysql_query($query);
list($userID) = mysql_fetch_row($result);
$username = $_SESSION['username']; // this way we get user's username in case he is already logged in
if ($username != NULL) {
    echo 'You are logged in as ' , $username ,'.'; // if he's logged in we tell him
} else { // or else we let him log in
?>
<form method="post" action="">
<input type="text" name="user" />
<input type="password" name="pass" />
<input type="submit" value="Log in" />
<input type="hidden" name="submit" />
</form>
<?php
}
?>

You think you can remember the edits you apported and point them to me? I could actually find a redirect change to user.php only. Well, it wasn't an error in my code to redirect the user to index.php, but well it's no difference, I could actually use user.php too. The fact is I couldn't find the other changes.

(05-08-2013, 09:11 PM)1llusion Wrote: Nice tutorial Smile

However, the mysql_query extension is deprecated and will be removed eventually from PHP making your script incompatible with new versions of PHP.
I suggest anybody, who wants to keep their script up-to-date to use either MySQLi or PDO extension => http://www.php.net/manual/en/mysqlinfo.api.choosing.php

(05-09-2013, 11:54 AM)TheDarkNight Wrote: No :facepalm: you should be using MySQLi functions as MySQL is deprecated but I guess it's good for beginners good work op.

Thanks, I had heard of mysql_query's deprecation, but, actually I couldn't stop using it. :lol:

I'll surely have a look at what will take place over it soon, I swear.

This is the most explain tutorial that i learn't to use MySQLi idk if you will like it but it is http://www.phpknowhow.com/mysql/mysqli-p...functions/ Enjoy =D :thumbs:
Know PHP - HTML 5 - CSS3

Learning C

Hello there, [username] Need Help PM me now!


Please Visit my friends and I website : Creative Programming


[Image: LGqjaYA.gif]

Reply

sitehost Offline
Junior Member
Eleven Years of Service
Posts: 10
Threads: 0
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 08-06-2013, 02:09 PM #17
Thanks for the Script, The only thing I would change is Encoding the password and possibly the user name in SQL, with a private key.

Thanks!!!
Quote:This is the most explain tutorial that i learn't to use MySQLi idk if you will like it but it is http://www.phpknowhow.com/mysql/mysqli-p...functions/ Enjoy =D :thumbs:

I was reluctant to use mySQLi at first, and omg it has shorten my code so much and makes things so much more secure.!!!

Reply

xxterorxx Offline
Junior Member
Eleven Years of Service
Posts: 6
Threads: 0
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 08-16-2013, 06:22 PM #18
Thanks a lot Smile

Reply

4th Dimension Offline
Junior Member
Twelve Years of Service
Posts: 8
Threads: 0
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 08-19-2013, 02:49 AM #19
Great tutorial, really helps. Thanks for sharing!

Reply

matsoglo Offline
Junior Member
Eleven Years of Service
Posts: 6
Threads: 0
Reputation: 0

Points: 0€
RE: MySQL and PHP simple login system 08-21-2013, 04:32 PM #20
Thanks m8 for this tut!!!!!! Very Helpfull

Reply







Users browsing this thread: 2 Guest(s)