Basic form in PHP

Proxybypass

Member
Joined
Mar 19, 2011
Posts
89
Reacts
0
Reputation
0
Credits
0
All of this work was done by me.

Ok so I've been creating a website from scratch, here is what I've gotten so far. Includes PHP/Mysql. Hosted on my Wamp server, using PHPmyadmin.
Please don't flame btw, its not really any advance code.
Feel free to use any/edit/give me pointers.

Index.php

Code: 
<html>

  <Form action='login.php' method='POST'>
    Username: <input type='text' name='username'><br>
    Password: <input type='password' name-'password'><br>
    <input type='submit' value='Log in'>

    </form>   <p>

    a href='register.php'>Register here.</a>
  </html>

Login.php
Code: 
<?Php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{

$connect = mysql_connect("localhost","root",""); or die("Could not connect!");
mysql_select_db(phplogin); or die ("Could not find DB!");

$query = mysql_query("SELECT * FROM users WHERE username'=$username'");

$numrows = mysql_num_rows($query);

if ($numrows!=0)
{

while ($row = mysql_fetch_assoc($query))

    $dbusername = $row['username'];
    $dbpassword = $row['password']
}

   if ($username==$dbusername&&md5($password)==$dbpassword)
    {

    echo "Password accepted! Click <a href='member.php'>here</a> to enter the members page.";
  $_SESSION ['username']=$username;
    }
  else
  echo "Incorrect password!";

else
  die("That user doesn't exist!");

echo $numrows;

}
 else
  die("Please enter your Username and Password.");

?>]

Logout.php
Code: 
<?php

session_start();

session_destroy();

echo"You've been logged out. <a href='index'.php>Click here</a> to return."

?>

Member.php
Code: 
<?php

session_start()

if ($_SESSION['username'])
echo "Welcome, ".$_SESSION['username']."!;<br><a href='logout.php'></a>";
  else
  die("You must be logged in!");

?>

Register.php
Code: 
<?php
 Echo "<h1>Register</h1>";

 $submit =$_POST['submit'];
   //form data
 $fullname = strip_tags($_POST['fullname']);
 $username = strip_tags($_POST['username']);
 $password = strip_tags($_POST['password']));
 $repeatpassword = strip_tags($_POST['repeatpassword']));
 $date = date("Y-m-d");

 if ($submit)

 {

 if($fullname&&$username&&$password&&$repeatpassword);
  {

  if ($password==$repeatpassword)  {
   {

    if (strlen($username)>25||strlen($fullname)>25)
    {

    echo "Username or name is to long (25 char. limit)";
    }
    else
    {
  if (strlen($password)>25||strlen($password)<6)
  {
  echo "Password must be between 6-25 Chars.";
  }
  else
  {

  $password = md5 ($password);
  $repeatpassword = md5 ($repeatpassword);

  $connect = mysql_connect("localhost","root","");
  mysql_sql_db("phplogin");

  $queryreg= mysql_query("

  INSERT INTO users VALUES ('','$name','$username','$password','$date')

  ");

 die("You have been registered! <a href='index.php'>Return to the login page</a>

  }
  else
  echo "Your passwords do not match";

 }

  }
 else
  echo "Please fill in <b>all</b>fileds!<p>";
?>

<html>
   <p>
<form action='register.php' method='POST'>
  <table>
     <tr>
     <td>
     Your full name:
     </td>
     <td>
     <input type='text' name='fullname' value='<?php Echo $fullname; ?>'>
     </td>
     </tr>
     <tr>
     <td>
     Choose a Username:
     </td>
     <td>
     <input type='text' name='username' value='<?php echo $fullname; ?>'>
     </td>
     </tr>
    <tr>
     <td>
     Choose a password:
     </td>
     <td>
     <input type='password' name='password'
     </td>
     </tr>
    <tr>
     <td>
     Repeat your password:
     </td>
     <td>
     <input type='password' name='repeatpassword'
     </td>
     </tr>
     </table>
    <p>
    <input type='submit' name='submit' value='Register'>

     </form>

     </html>
 
RE: Basic forum in PHP

I cannot comprehend this currently but I wish you the best of luck for this project.
 
RE: Basic forum in PHP

Isn't it best to do

PHP: 
<?php

session_start()

if ($_SESSION['username'])
echo "Welcome, ".$_SESSION['username']."!;<br><a href='logout.php'></a>";
  else
  die("You must be logged in!");

?>

AS

PHP: 
<?php

session_start()

if (isset($_SESSION['username']))
echo "Welcome, ".$_SESSION['username']."!;<br><a href='logout.php'></a>";
  else
  die("You must be logged in!");

?>
 
RE: Basic forum in PHP

isset, is basically do the same function, just.. checking it.
 
RE: Basic forum in PHP

It's a basic test forum I did a while back to teach my self PHP.
That's all.
 
RE: Basic forum in PHP

More of a login system than a forum. Seems good though, just skimmed the code.
 
RE: Basic forum in PHP

Yes, flaming I coded it all my self.
Thank you every one.
 
RE: Basic forum in PHP

It's basically a log in system. All I do was make the user ids/passwords hashed. Didn't really add security
 
I edited the thread title for you, forum->form.

I wanted to add on to your code so...

For the record I would have done this pretty different but I am just fixing your code. It would never work.


Index.php

PHP: 
<html>
		<body>
  		<Form action='login.php' method='POST'>
    		Username: <input type='text' name='username'><br>
    		Password: <input type='password' name-'password'><br>
    		<input type='submit' name = "sub" value='Log in'>

    		</form>   

    	<center><a href='register.php'>Register here</a></center>
    
  </html>

Login.php

PHP: 
<?php
ob_start(); // headers
session_start(); // allow sessions
if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == "yes"){
echo "<center>You are already logged in! /n/n Click <a href='member.php'>here</a> to enter the members page.</center>";	
	
}else{
if(isset($_POST['sub'])){
	if(!empty($_POST['username']) && (!empty($_POST['password']))){



$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);



$connect = mysql_connect("localhost","root","") or die("Could not connect!");
mysql_select_db(phplogin) or die ("Could not find DB!");

$query = mysql_query("SELECT * FROM `users` WHERE `username`= '$username'");

$numrows = mysql_num_rows($query);

if ($numrows!=0)
{

while ($row = mysql_fetch_assoc($query)){

    $dbusername = $row['username'];
    $dbpassword = $row['password'];
}
}

   if ($username==$dbusername&&md5($password)==$dbpassword)
    {

    echo "Password accepted! Click <a href='member.php'>here</a> to enter the members page.";
  	$_SESSION ['username']=$username;
	$_SESSION ['loggedin'] = "yes";
  
    }
  else
  echo "Incorrect password!";




	}else{
		die("You did not fill in all the fields!");
}
}else{
	header("Location:index.php");	
}
}
?>

Logout.php

PHP: 
<?php

session_start();
unset($_SESSION['loggedin']);
session_destroy();

echo "You've been logged out. <a href='index'.php>Click here</a> to return."

?>


Member.php

PHP: 
<?php

session_start();

if(isset($_SESSION['username']) && ($_SESSION['loggedin'] == "yes")){
echo "Welcome, ".$_SESSION['username']."!;<br><a href='logout.php'></a>";
}
  else
  die("You must be logged in!");

?>


Register.php

PHP: 
<html>
<h1>Register</h1>  
<form action='' method='POST'>
  <table>
     	<tr>
     		<td>Your full name:</td> <td><input type='text' name='fullname' value='<?php echo $fullname ?>'></td>
     	</tr>
     	<tr>
     		<td>Choose a Username:</td> <td> <input type='text' name='username' value='<?php echo $username ?>'></td>
     	</tr>
    	<tr>
     	    <td>Choose a password:</td> <td><input type='password' name='password'></td>
     	</tr>
    	<tr>
     		<td>Repeat your password: </td><td><input type='password' name='repeatpassword'></td>
     	</tr>
 </table>
    
    <input type='submit' name='submit' value='Register'>

 </form>

</html>
     
<?php

if(isset($_POST['submit'])){
   
//form data
$fullname = mysql_real_escape_string($_POST['fullname']);
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$repeatpassword = mysql_real_escape_string($_POST['repeatpassword']);
$date = date("Y-m-d");



if($fullname&&$username&&$password&&$repeatpassword)
  {

  if ($password==$repeatpassword)  {
  		die("Your passowrds do not match");
  }

    if (strlen($username)>25||strlen($fullname)>25)
    {

    echo "Username and fullname is to long (25 char. limit)";
    }
    else
    {
  if (strlen($password)>25||strlen($password)<6)
  {
  echo "Password must be between 6-25 Chars.";
  }
  else
  {

  $password = md5($password);

  $connect = mysql_connect("localhost","root","") or die(mysql_error());
  mysql_sql_db("phplogin") or die(mysql_error());

  $queryreg= mysql_query("

  INSERT INTO users VALUES ('','$name','$username','$password','$date')

  ");

echo"You have been registered! <a href='index.php'>Return to the login page</a>";

  }
  
}

  }
else
  echo "Please fill in <b>all</b>fileds!<p>";
  }
?>

So much of this code was... just so messed up. You need to read over your script before posting.

I didn't test this but it should work.
 
You must log in or register to reply here.
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…