2006-08-10, 07:42 PM
On a website I'm experimenting with (because this is my first time using PHP and also MySQL scripts), and probably I'll release it if this works...
I'm making a user authentication system on certain website, but I want to use the users and password stored on the forum's db, so if anyone wants to make a new account, they have to access the forum and create one.
I was reading some tutorials, scripts and books, I downloaded these scripts and edited with the correct settings... i think.... help?
Connect.php
Login.php
I'm making a user authentication system on certain website, but I want to use the users and password stored on the forum's db, so if anyone wants to make a new account, they have to access the forum and create one.
I was reading some tutorials, scripts and books, I downloaded these scripts and edited with the correct settings... i think.... help?
Connect.php
<?php
$server = 'localhost';
$username = 'root';
$password = 'password';
$database_name = 'forum';
mysql_connect($server, $username, $password);
mysql_select_db($database_name);
?>
Login.php
<?php
session_start();
require_once('connect.php');
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Log In</title>
<style type="text/css">
.container {
text-align: center;
border: 1px solid #000000;
width: 300px;
}
td {
text-align: left;
}
</style>
</head>
<body>
<?php
if(isset($_POST['login'])) {
$error = '';
$username = $_POST['username'];
$password = $_POST['password'];
if(!isset($username) || !isset($password)) {
$error .= 'A required field was left blank.<br />';
}
$password = md5($password);
if(get_magic_quotes_gpc()) {
$username = $username;
}else{
$username = addslashes($username);
}
$result = mysql_query('SELECT * FROM `mybb_users` WHERE `username`="'.$username.'" AND `password`="'.$password.'"');
$valid_login = mysql_num_rows($result);
if($valid_login == 0) {
$error .= 'The supplied username and/or password was incorrect.<br />';
}
if($error == '') {
$data = mysql_fetch_array($result);
$_SESSION['username'] = $data['username'];
mysql_query('UPDATE `users` SET `last_seen`="'.time().'" WHERE `username`="'.$username.'"');
echo '<meta http-equiv="Refresh" Content="0; URL=index.php">';
die();
}else{
echo 'The following errors were returned:<br />'.$error.'<br />';
}
}
?>
<form action="login.php" method="post">
<table class="container" align="center" cellspacing="0" cellpadding="0">
<tr>
<td colspan="2" style="text-align:center;"><h1>Log In</h1></td>
</tr>
<tr>
<td>Username:</td>
<td><input type="text" name="username" maxlength="20" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td colspan="2" style="text-align:center;"><input name="login" type="submit" value="Log In" /></td>
</tr>
<tr>
<td colspan="2" style="text-align:center;"><a href="register.php">Register</a> | <a href="index.php">Index</a></td>
</tr>
</table>
</form>
</body>
</html>