Show DevBest [PHP] Membership system.

Alam

shietttt
Jul 3, 2011
433
166
Hello,
Here is a basic & simple PHP script wrote from scratch on my own.

The system includes :
  • Login page
  • Config page
  • Registration page
  • Md5 encryption
  • Members page
  • Logout page
  • account page (change username & password)
  • Simple database structure.
--
Config page :

PHP:
<?php
 
$dbhost = "localhost";
$dbuser = "root";
$dbpass = "";
$dbname = "php";
 
 
mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db($dbname);
 
 
 
 
 
 
 
?>

Index/Login page :

PHP:
<?php
session_start();
 
include 'config.php';
 
$username = mysql_real_escape_string($_POST['username']);
$password = $_POST['password'];
 
if(isset($_POST['submit']))
{
if(!empty($username)&&!empty($password))
{
    $query = mysql_query("SELECT * FROM users WHERE username='$username'");
    $id1 = mysql_query("SELECT id FROM users WHERE username='$username'");
    $numrows = mysql_num_rows($query);
 
    while ($row = mysql_fetch_array($id1))
    {
        $id = $row['id'];
    }
 
 
    if($numrows!=0)
    {
      while ($row = mysql_fetch_assoc($query))
      {
          $user = $row['username'];
          $pass = $row['password'];
      }
 
      if($username==$user&&md5($password)==$pass)
      {
          $_SESSION['user']=$username;
          $_SESSION['user_id']=$id;
          header("location: me.php");
 
      }
      else
        echo "Your password is incorrect, please try again.";
 
    }
    else
      echo "The user $username does not exist";
 
}
else
  echo "Please enter your username and password.";
 
}
 
if($_SESSION['user'])
{
  header("location: me.php");
}
else
{
echo "<html>
    <head>
        <title>Login page</title>
    </head>
 
    <body>
        <form action='index.php' method='POST'>
          Username : <input type='text' name='username'>
          Password : <input type='password' name='password'>
          <input type='submit' name='submit' value='Login'>
        </form>
 
    </body>
</html>";
 
?>

Registration Page :
PHP:
<?php
include 'config.php';
 
$username = strip_tags($_POST['username']);
$email = strip_tags($_POST['email']);
$password = strip_tags($_POST['password']);
$repeatpassword = strip_tags($_POST['repeatpassword']);
 
 
if (isset($_POST['submit'])) {
 
 
    if ($username && $email && $password && $repeatpassword) {
        if ($password == $repeatpassword) {
            if (strlen($username) > 30) {
                echo "Your username can't be longer than 30 characters.";
            } else {
                if (strlen($email) < 6) {
                    echo "This email is invalid.";
                } else {
                    if (strlen($password) > 35 || strlen($password) < 6) {
                        echo "Your password must be between 6 and 35 characters.";
                    } else {
                        $ch = mysql_query("SELECT username FROM users WHERE username='$username'");
                        $check = mysql_num_rows($ch);
 
                        if ($check != 0) {
                            echo "The username $username already exists.";
                        } else {
 
                            $hashpassword = md5($password);
                            $insert = "INSERT INTO users (username,email,password) VALUES ('$username','$email','$hashpassword')";
                            mysql_query($insert);
                            $_SESSION['user']=$username;
                            $_SESSION['user_id']=$id;
                            header("location: me.php");
                        }
                    }
                }
            }
        }
        else
            echo "Password does not match";
    }
    else
        echo "Please fill in all the fields";
 
    }
 
 
?>
 
 
 
 
 
<html>
    <head>
        <title>Register page</title>
    </head>
 
    <body>
        <form action="register.php" method="POST">
            Username
            <br />
            <input type="text" name="username">
            <br />
            Email
            <br />
            <input type="text" name="email">
            <br />
            Password
            <br />
            <input type="password" name="password">
            <br />
            Repeat password
            <br />
            <input type="password" name="repeatpassword">
            <br />
            <input type="submit" name="submit" value="Create account">
 
 
        </form>
 
    </body>
 
 
</html>

Me.php page :
PHP:
<?php
session_start();
 
if($_SESSION['user'])
{
  echo "<a href='me.php'>". $_SESSION['user'] ."</a> |";
  echo " <a href='account.php'>My account </a> |<a href='logout.php'>Logout</a>";
}
else
  echo "You must be logged in to view this page.";
 
?>

Logout page :
PHP:
<?php
 
session_start();
 
session_destroy();
 
header("location: index.php");
 
?>

Account page :
PHP:
<?php
 
session_start();
 
    $username = strip_tags($_POST['username']);
    $cpassword = $_POST['cpassword'];
    $npassword = $_POST['npassword'];
    mysql_connect("localhost", "root", "");
    mysql_select_db("php");
    $update = "UPDATE users SET username = '$username' WHERE id = '". $_SESSION['user_id'] ."'";
    $check = mysql_query("SELECT username FROM users WHERE username='$username'");
    $pwcheck = mysql_query("SELECT password FROM users WHERE username='$username'");
    $numrows = mysql_num_rows($check);
 
if (isset($_POST['eu'])) {
 
 
 
    if ($username) {
 
        if ($numrows!=0)
 
    {
        echo "This username already exists!";
    }
    else
    {
          mysql_query($update);
          session_start();
 
          session_destroy();
 
          header("location: logout.php");
    }
 
    }
    else
        echo "Please enter a username";
 
}
else
{
    if(isset($_POST['ue']))
 
    {
 
        if ($cpassword&&$npassword)
        {
 
while($row = mysql_fetch_assoc($pwcheck))
{
    $dbpass = $row['password'];
}
 
$hcpassword = md5($cpassword);
$hnpassword = md5($npassword);
 
if ($hcpassword==$dbpass)
{
    if (strlen($npassword)>35 || strlen($npassword)<6)
    {
        echo "Your password must be between 6 and 25 characters.";
    }
    else
    {
        $updatepass = "UPDATE users SET password = '$hnpassword' WHERE id='". $_SESSION['user_id'] ."'";
        mysql_query($updatepass);
        echo "Your password has been changed.";
    }
}
else
{
  echo "This is not your current password.";
}
        }
        else
          echo "Please field in both fields.";
 
    }
}
 
if (!$_SESSION['user_id']) {
    echo "you must be logged in to view this page";
} else {
    echo "<head>
      <title>My account</title>
    </head>
 
    <body>
 
        <form action='account.php' method='POST'>
            <h1>Username</h1> <a href='me.php'>Go back</a>
          Edit username <br /> <input type='text' name='username'>  <input type='submit' name='eu' value='Update account'></form>
          </form>
          <form action='account.php' method='POST'><br />
          <h1>Change password</h1>
          <input type=\"hidden\" name=\"username\" value=\"". $_SESSION['user'] ."\" />
            Current password <br/> <input type='password' name='cpassword'>
          <br />
          New password
          <br />
          <input type='password' name='npassword'> <input type='submit' name='ue' value='Submit'>
        </form>
 
 
 
    </body>
    ";
}

Here is the database structure :



--
Hope you like it :)
Any question about this script , please contact me.

Added the config.php page for easier database configuration.
 

Kaz

BooYah
Staff member
Nov 16, 2010
3,064
1,025
I noticed in your account page you have:
PHP:
mysql_connect("localhost", "root", "");
    mysql_select_db("php");
Would it not be simpler to just include the config file?
 

Alam

shietttt
Jul 3, 2011
433
166
I noticed in your account page you have:
PHP:
mysql_connect("localhost", "root", "");
    mysql_select_db("php");
Would it not be simpler to just include the config file?
Whoops , didn't saw that. Fixed now :)

Update :
  • Implemented Session on index (if the user is logged in and tries to go to index.php it will redirect them back to me.php)
 

Dobby

Member
Nov 8, 2010
156
5
I cant get it to work :(

Login/index.php gives
Code:
Parse error: syntax error, unexpected end of file in C:\xampp\htdocs\login.php on line 71

register.php gives
Code:
Notice: Undefined index: username in C:\xampp\htdocs\register.php on line 4
 
Notice: Undefined index: email in C:\xampp\htdocs\register.php on line 5
 
Notice: Undefined index: password in C:\xampp\htdocs\register.php on line 6
 
Notice: Undefined index: repeatpassword in C:\xampp\htdocs\register.php on line 7

me.php gives
Code:
Notice: Undefined index: user in C:\xampp\htdocs\me.php on line 4

account.php gives
Code:
Notice: Undefined index: username in C:\xampp\htdocs\account.php on line 5
 
Notice: Undefined index: cpassword in C:\xampp\htdocs\account.php on line 6
 
Notice: Undefined index: npassword in C:\xampp\htdocs\account.php on line 7
 
Warning: mysql_connect(): Access denied for user 'root'@'localhost' (using password: NO) in C:\xampp\htdocs\account.php on line 8
 
Notice: Undefined index: user_id in C:\xampp\htdocs\account.php on line 10
 
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\account.php on line 13
 
Notice: Undefined index: user_id in C:\xampp\htdocs\account.php on line 82

Note: I have not changed anything except the config...
 

DaLightz

See ya'll in the afterlife.
May 19, 2012
1,136
262
I cant get it to work :(

Login/index.php gives
Code:
Parse error: syntax error, unexpected end of file in C:\xampp\htdocs\login.php on line 71

register.php gives
Code:
Notice: Undefined index: username in C:\xampp\htdocs\register.php on line 4
 
Notice: Undefined index: email in C:\xampp\htdocs\register.php on line 5
 
Notice: Undefined index: password in C:\xampp\htdocs\register.php on line 6
 
Notice: Undefined index: repeatpassword in C:\xampp\htdocs\register.php on line 7

me.php gives
Code:
Notice: Undefined index: user in C:\xampp\htdocs\me.php on line 4

account.php gives
Code:
Notice: Undefined index: username in C:\xampp\htdocs\account.php on line 5
 
Notice: Undefined index: cpassword in C:\xampp\htdocs\account.php on line 6
 
Notice: Undefined index: npassword in C:\xampp\htdocs\account.php on line 7
 
Warning: mysql_connect(): Access denied for user 'root'@'localhost' (using password: NO) in C:\xampp\htdocs\account.php on line 8
 
Notice: Undefined index: user_id in C:\xampp\htdocs\account.php on line 10
 
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\account.php on line 13
 
Notice: Undefined index: user_id in C:\xampp\htdocs\account.php on line 82

Note: I have not changed anything except the config...
Apache or IIS?
 

TesoMayn

Boredom, it vexes me.
Oct 30, 2011
1,482
1,482
Or you can change your index/login page to this:

PHP:
<?php
session_start();
 
include 'config.php';
 
$username = $_POST['username'];
$password = $_POST['password'];
if(isset($_POST['submit']))
{
if($username&&$password)
{
    $query = mysql_query("SELECT * FROM users WHERE username='$username'");
    $id1 = mysql_query("SELECT id FROM users WHERE username='$username'");
    $numrows = mysql_num_rows($query);
 
    while ($row = mysql_fetch_array($id1))
    {
        $id = $row['id'];
    }
 
 
    if($numrows!=0)
    {
      while ($row = mysql_fetch_assoc($query))
      {
          $user = $row['username'];
          $pass = $row['password'];
      }
 
      if($username==$user&&md5($password)==$pass)
      {
          $_SESSION['user']=$username;
          $_SESSION['user_id']=$id;
          header("location: me.php");
 
      }
      else
        echo "Your password is incorrect, please try again.";
 
    }
    else
      echo "The user $username does not exist";
 
}
else
  echo "Please enter your username and password.";
 
}
 
if($_SESSION['user'])
{
  header("location: me.php");
}
else
{
?>
<html>
    <head>
        <title>Login page</title>
    </head>
 
    <body>
        <form action='index.php' method='POST'>
          Username : <input type='text' name='username'>
          Password : <input type='password' name='password'>
          <input type='submit' name='submit' value='Login'>
        </form>
 
    </body>
</html>
<?php } ?>
 

Dobby

Member
Nov 8, 2010
156
5
nothing is working guys.... and changing the login/index page to that just gives me the errors


Notice: Undefined index: username in C:\xampp\htdocs\login.php on line 6

Notice: Undefined index: password in C:\xampp\htdocs\login.php on line 7

Notice: Undefined index: user in C:\xampp\htdocs\login.php on line 50
 

Users who are viewing this thread

Top