Complete advanced login member system - PHP tutorial | ineedtutorials.com

Home > PHP > Complete advanced login member system - PHP tutorial

Complete advanced login member system - PHP tutorial

January 11th, 2008 in PHP by Gertjan

Goto comments Leave a comment

In this advanced tutorial i will teach you the steps required to create a custom build login/member system with PHP.

The system itself ofcourse has alot of room for improvements, also, it’s very easily expandable, i’ve chosen to work in a modular way, so that if you change something you only have to change it in 1 file. I’ve done this by using functions, this script is a good example of the real power of PHP.

Features:

Registration
Lost password
Various checks on passwords and usernames
users can change their password
Passwords are stored in a database with a seed added to it and they have sha1 encryption
Easy to adjust & use

Requirements:

Mysql database
a php & mysql enabled host
php mail() enabled host
ftp access to your website

Overview

Steps:

Creating the mysql table
Creating a db_connect.inc.php file
Creating the header.php file
Creating the footer.php file
Creating the index.php file
Creating the login.php file
Creating the logout.php file
Creating a function.inc.php file
Creating the mail.functions.inc.php file
Creating the display.functions.inc.php file
Creating the login.functions.inc.php file
Creating the user.functions.inc.php file
Creating the validation.functions.inc.php file
Creating the lostpassword.php file
Creating the changepassword.php file
Creating the register.php file
Creating the activate.php file

Step 1: Creating the mysql table

For this tutorials i presume you already know how to add tables to your database.

Table login (SQL code):

^?View Code SQL

CREATE TABLE  `login` (
  `loginid` int(10) unsigned NOT NULL auto_increment,
  `username` varchar(30) NOT NULL,
  `password` varchar(50) NOT NULL,
  `email` varchar(255) NOT NULL,
  `actcode` varchar(45) NOT NULL,
  `disabled` tinyint(1) NOT NULL default '0',
  `activated` tinyint(1) NOT NULL default '0',
  PRIMARY KEY  (`loginid`)
);

Now let us add the administrator account:

username: admin
password: yourpasswordhere

** Change the text yourpassword here with the desired password.

** Change the text youremailhere with your email adress.

SQL query:

^?View Code SQL

1	insert into login (username,password,email,activated) value ('admin',sha1(concat('yourpasswordhere','0dAfghRqSTgx')),'youremailhere','1');

The table is now ready, and the administrator account has been added. let us move on to step 2.

Step 2: Creating a db_connect.inc.php file

This file will be used to manage the connection to the database.

File db_connect.inc.php:

^?View Code PHP

<?php
// Database settings
// database hostname or IP. default:localhost
// localhost will be correct for 99% of times
define("HOST", "localhost");
// Database user
define("DBUSER", "dbuser");
// Database password
define("PASS", "dbpass");
// Database name
define("DB", "dbname");
 
############## Make the mysql connection ###########
$conn = mysql_connect(HOST, DBUSER, PASS) or  die('Could not connect !<br />Please contact the site\'s administrator.');
 
$db = mysql_select_db(DB) or  die('Could not connect to database !<br />Please contact the site\'s administrator.');
 
?>

Let me explain:

HOST: this is the location for the database server it can be a hostname or an ip adress. it is usualy localhost.
DBUSER: this is the database user account used to access the database.
PASS: this is the password for the database user account.
DB: this is the name of the database used.

Step 3: Creating the header.php file

File header.php:

^?View Code PHP

<?php
error_reporting(0); // we don't want to see errors on screen
// Start a session
session_start();
require_once ('db_connect.inc.php'); // include the database connection
require_once ("functions.inc.php"); // include all the functions
$seed="0dAfghRqSTgx"; // the seed for the passwords
$domain =  "ineedtutorials.com"; // the domain name without http://www.
 
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Complete Member Login / System tutorial - <?php echo $domain; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>

Step 4: Creating the footer.php file

The footer file is included at the bottom of every page, it looks like this:

^?View Code PHP

<hr>
<div id='footer'>Copyright 2007-2008 &copy; <?php echo $domain; ?></div>
</body>
</html>

Step 5: Creating the index.php file

In this step we will create the homepage of the website, we’ll keep it very basic, only the login will be displayed.

File index.php:

^?View Code PHP

<?php 
 
 require_once "header.php"; 
 //content
 include "login.php";
 // more content
 require_once "footer.php";
 
?>

Step 6: Creating the login.php file

In this step we will make the actual login page, because we want to keep it readable we create some custom build functions that will handle the actual login. So basicly all this page will do is call the functions checkLogin(), show_loginform() and isLoggedIn()

^?View Code PHP

<?php
if (!isLoggedIn())
{
    // user is not logged in.
    if (isset($_POST['cmdlogin']))
    {
        // retrieve the username and password sent from login form & check the login.
        if (checkLogin($_POST['username'], $_POST['password']))
        {
            show_userbox();
        } else
        {
            echo "Incorrect Login information !";
            show_loginform();
        }
    } else
    {
        // User is not logged in and has not pressed the login button
        // so we show him the loginform
        show_loginform();
    }
 
} else
{
    // The user is already loggedin, so we show the userbox.
    show_userbox();
}
?>

Step 7: Creating the logout.php file

The logout file will destroy the session and it’s stored information. Afterwards it will redirect the user to the homepage.

File logout.php:

^?View Code PHP

<?php 
session_start();
if( session_unregister('loginid') == true && session_unregister('username')==true ) {
    session_destroy();
	header('Location: index.php');
  } else {
   unset($_SESSION['loginid']);
   unset($_SESSION['username']);
   session_destroy();
   header('Location: index.php');
}
?>

Step 8: Creating the function.inc.php file

Now we will create a file that will store all our functions, by including this file all our functions will be accessable.
It will help keep track of your functions.

File functions.inc.php:

^?View Code PHP

<?php
 
require_once("mail.functions.inc.php");
require_once("user.functions.inc.php");
require_once("display.functions.inc.php");
require_once("login.functions.inc.php");
require_once("validation.functions.inc.php");
 
 
function generate_code($length = 10)
{
 
    if ($length <= 0)
    {
        return false;
    }
 
    $code = "";
    $chars = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789";
    srand((double)microtime() * 1000000);
    for ($i = 0; $i < $length; $i++)
    {
        $code = $code . substr($chars, rand() % strlen($chars), 1);
    }
    return $code;
 
}
 
?>

Step 9: Creating the mail.functions.inc.php file

This file will contain all functions that we use to send emails.

File mail.functions.inc.php:

^?View Code PHP

<?php
 
##### Mail functions #####
 
function sendLostPasswordEmail($username, $email, $newpassword)
{
 
    global $domain;
    $message = "
You have requested a new password on http://www.$domain/,
 
Your new password information:
 
username:  $username
password:  $newpassword
 
 
Regards
$domain Administration
";
 
    if (sendMail($email, "Your password has been reset.", $message, "no-reply@$domain"))
    {
        return true;
    } else
    {
        return false;
    }
 
 
}
 
function sendMail($to, $subject, $message, $from)
{
 
 
    $from_header = "From: $from";
 
    if (mail($to, $subject, $message, $from_header))
    {
        return true;
    } else
    {
        return false;
    }
    return false;
}
 
function sendActivationEmail($username, $password, $uid, $email, $actcode)
{
    global $domain;
    $link = "http://www.$domain/activate.php?uid=$uid&actcode=$actcode";
    $message = "
Thank you for registering on http://www.$domain/,
 
Your account information:
 
username:  $username
password:  $password
 
Please click the link below to activate your account.
 
$link
 
Regards
$domain Administration
";
 
    if (sendMail($email, "Please activate your account.", $message, "no-reply@$domain"))
    {
        return true;
    } else
    {
        return false;
    }
}
 
?>

Step 10: Creating the display.functions.inc.php file

This file will contain all functions that display a form or a userbox on the page.

For example: It contains the loginform, the HTML code for the userbox, the lostpassword form, …

file: display.functions.inc.php

^?View Code PHP

<?php
 
#### Display Functions ####
 
function show_userbox()
{
    // retrieve the session information
    $u = $_SESSION['username'];
    $uid = $_SESSION['loginid'];
    // display the user box
    echo "<div id='userbox'>
			Welcome $u
			<ul>
				<li><a href='./changepassword.php'>Change Password</a></li>
				<li><a href='./logout.php'>Logout</a></li>
			</ul>
		 </div>";
}
 
function show_changepassword_form(){
 
echo '<form action="./changepassword.php" method="post"> 
  <fieldset> 
  <legend>Change Password</legend> 
  <input type="hidden" value="'.$_SESSION['username'].'" name="username"> 
  <dl> 
    <dt> 
      <label for="oldpassword">Current Password:</label> 
    </dt> 
    <dd> 
      <input name="oldpassword" type="password" id="oldpassword" maxlength="15"> 
    </dd> 
  </dl> 
  <dl> 
    <dt> 
      <label for="password">New Password:</label> 
    </dt> 
    <dd> 
      <input name="password" type="password" id="password" maxlength="15"> 
    </dd> 
  </dl> 
  <dl> 
    <dt> 
      <label for="password2">Re-type new password:</label> 
    </dt> 
    <dd> 
      <input name="password2" type="password" id="password2" maxlength="15"> 
    </dd> 
  </dl> 
  <p> 
    <input name="reset" type="reset" value="Reset"> 
    <input name="change" type="submit" value="Reset Password"> 
  </p> 
  </fieldset> 
</form>
';
}
 
function show_loginform($disabled = false)
{
 
    echo '<form name="login-form" id="login-form" method="post" action="./index.php"> 
  <fieldset> 
  <legend>Please login</legend> 
  <dl> 
    <dt><label title="Username">Username: </label></dt> 
    <dd><input tabindex="1" accesskey="u" name="username" type="text" maxlength="30" id="username" /></dd> 
  </dl> 
  <dl> 
    <dt><label title="Password">Password: </label></dt> 
    <dd><input tabindex="2" accesskey="p" name="password" type="password" maxlength="15" id="password" /></dd> 
  </dl> 
  <ul> 
    <li><a href="./register.php" title="Register">Register</a></li> 
    <li><a href="./lostpassword.php" title="Lost Password">Lost password?</a></li> 
  </ul> 
  <p><input tabindex="3" accesskey="l" type="submit" name="cmdlogin" value="Login" ';
    if ($disabled == true)
    {
        echo 'disabled="disabled"';
    }
    echo ' /></p></fieldset></form>';
 
 
}
 
function show_lostpassword_form(){
 
	echo '<form action="./lostpassword.php" method="post"> 
	<fieldset><legend>Reset Password</legend>
  <dl> 
    <dt><label for="username">Username:</label></dt> 
    <dd><input name="username" type="text" id="username" maxlength="30">
    </dd> 
  </dl> 
   <dl> 
    <dt><label for="email">email:</label></dt> 
    <dd><input name="email" type="text" id="email" maxlength="255">
    </dd> 
  </dl> 
  <p> 
    <input name="reset" type="reset" value="Reset"> 
    <input name="lostpass" type="submit" value="Reset Password"> 
  </p> 
  </fieldset>
</form>';
 
}
 
function show_registration_form(){
 
	echo '<form action="./register.php" method="post"> 
	<fieldset><legend>Register</legend>
  <dl> 
    <dt><label for="username">Username:</label></dt> 
    <dd><input name="username" type="text" id="username" maxlength="30">
    </dd> 
  </dl> 
  <dl> 
    <dt><label for="password">Password:</label></dt> 
    <dd><input name="password" type="password" id="password" maxlength="15">
    </dd> 
  </dl> 
  <dl> 
    <dt><label for="password2">Re-type password:</label></dt> 
    <dd><input name="password2" type="password" id="password2" maxlength="15">
    </dd> 
  </dl> 
  <dl> 
    <dt><label for="email">email:</label></dt> 
    <dd><input name="email" type="text" id="email" maxlength="255">
    </dd> 
  </dl> 
  <p> 
    <input name="reset" type="reset" value="Reset"> 
    <input name="register" type="submit" value="Register"> 
  </p> 
  </fieldset>
</form>';
 
}
?>

Step 11: Creating the login.functions.inc.php file

This file will contain the login functions

file: login.functions.inc.php

^?View Code PHP

<?php
 
#### Login Functions #####
 
 
function isLoggedIn()
{
 
    if (session_is_registered('loginid') && session_is_registered('username'))
    {
        return true; // the user is loged in
    } else
    {
        return false; // not logged in
    }
 
    return false;
 
}
 
function checkLogin($u, $p)
{
global $seed; // global because $seed is declared in the header.php file
 
    if (!valid_username($u) || !valid_password($p) || !user_exists($u))
    {
        return false; // the name was not valid, or the password, or the username did not exist
    }
 
    //Now let us look for the user in the database.
    $query = sprintf("
		SELECT loginid 
		FROM login 
		WHERE 
		username = '%s' AND password = '%s' 
		AND disabled = 0 AND activated = 1 
		LIMIT 1;", mysql_real_escape_string($u), mysql_real_escape_string(sha1($p . $seed)));
    $result = mysql_query($query);
    // If the database returns a 0 as result we know the login information is incorrect.
    // If the database returns a 1 as result we know  the login was correct and we proceed.
    // If the database returns a result > 1 there are multple users
    // with the same username and password, so the login will fail.
    if (mysql_num_rows($result) != 1)
    {
        return false;
    } else
    {
        // Login was successfull
        $row = mysql_fetch_array($result);
        // Save the user ID for use later
        $_SESSION['loginid'] = $row['loginid'];
        // Save the username for use later
        $_SESSION['username'] = $u;
        // Now we show the userbox
        return true;
    }
    return false;
}
 
?>

Step 12: Creating the user.functions.inc.php file

This file will contain the user functions

file: user.functions.inc.php

^?View Code PHP

<?php
 
##### User Functions #####
 
function changePassword($username,$currentpassword,$newpassword,$newpassword2){
global $seed;	
	if (!valid_username($username) || !user_exists($username))
    {
        return false;
    }
    if (! valid_password($newpassword) || ($newpassword != $newpassword2)){
 
		return false;
	}
 
	// we get the current password from the database
    $query = sprintf("SELECT password FROM login WHERE username = '%s' LIMIT 1",
        mysql_real_escape_string($username));
 
    $result = mysql_query($query);
	$row= mysql_fetch_row($result);
 
	// compare it with the password the user entered, if they don't match, we return false, he needs to enter the correct password.
	if ($row[0] != sha1($currentpassword.$seed)){
 
		return false;	
	}
 
	// now we update the password in the database
    $query = sprintf("update login set password = '%s' where username = '%s'",
        mysql_real_escape_string(sha1($newpassword.$seed)), mysql_real_escape_string($username));
 
    if (mysql_query($query))
    {
		return true;
	}else {return false;}
	return false;
}
 
 
function user_exists($username)
{
    if (!valid_username($username))
    {
        return false;
    }
 
    $query = sprintf("SELECT loginid FROM login WHERE username = '%s' LIMIT 1",
        mysql_real_escape_string($username));
 
    $result = mysql_query($query);
 
    if (mysql_num_rows($result) > 0)
    {
        return true;
    } else
    {
        return false;
    }
 
    return false;
 
}
 
function activateUser($uid, $actcode)
{
 
    $query = sprintf("select activated from login where loginid = '%s' and actcode = '%s' and activated = 0  limit 1",
        mysql_real_escape_string($uid), mysql_real_escape_string($actcode));
 
    $result = mysql_query($query);
 
    if (mysql_num_rows($result) == 1)
    {
 
        $sql = sprintf("update login set activated = '1'  where loginid = '%s' and actcode = '%s'",
            mysql_real_escape_string($uid), mysql_real_escape_string($actcode));
 
        if (mysql_query($sql))
        {
            return true;
        } else
        {
            return false;
        }
 
    } else
    {
 
        return false;
 
    }
 
}
 
function registerNewUser($username, $password, $password2, $email)
{
 
    global $seed;
 
    if (!valid_username($username) || !valid_password($password) || 
        	!valid_email($email) || $password != $password2 || user_exists($username))
    {
        return false;
    }
 
 
    $code = generate_code(20);
    $sql = sprintf("insert into login (username,password,email,actcode) value ('%s','%s','%s','%s')",
        mysql_real_escape_string($username), mysql_real_escape_string(sha1($password . $seed))
		, mysql_real_escape_string($email), mysql_real_escape_string($code));
 
 
    if (mysql_query($sql))
    {
        $id = mysql_insert_id();
 
        if (sendActivationEmail($username, $password, $id, $email, $code))
        {
 
            return true;
        } else
        {
            return false;
        }
 
    } else
    {
        return false;
    }
    return false;
 
}
 
function lostPassword($username, $email)
{
 
	global $seed;
    if (!valid_username($username) || !user_exists($username) || !valid_email($email))
    {
 
        return false;
    }
 
    $query = sprintf("select loginid from login where username = '%s' and email = '%s' limit 1",
        $username, $email);
 
    $result = mysql_query($query);
 
    if (mysql_num_rows($result) != 1)
    {
 
        return false;
    }
 
 
    $newpass = generate_code(8);
 
    $query = sprintf("update login set password = '%s' where username = '%s'",
        mysql_real_escape_string(sha1($newpass.$seed)), mysql_real_escape_string($username));
 
    if (mysql_query($query))
    {
 
            if (sendLostPasswordEmail($username, $email, $newpass))
        {
            return true;
        } else
        {
            return false;
        }      
 
    } else
    {
        return false;
    }
 
    return false;
 
}
 
?>

Step 13: Creating the validation.functions.inc.php file

This file will contain the validation functions, these function will validate the user input to see if it’s valid and doesn’t contain any illegal characters.

file: validation.functions.inc.php

^?View Code PHP

<?php
 
#### Validation functions ####
 
function valid_email($email)
{
 
    // First, we check that there's one @ symbol, and that the lengths are right
    if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email))
    {
        // Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
        return false;
    }
    // Split it into sections to make life easier
    $email_array = explode("@", $email);
    $local_array = explode(".", $email_array[0]);
    for ($i = 0; $i < sizeof($local_array); $i++)
    {
        if (!ereg("^(([A-Za-z0-9!#$%&#038;'*+/=?^_`{|}~-][A-Za-z0-9!#$%&#038;'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$",
            $local_array[$i]))
        {
            return false;
        }
    }
    if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1]))
    { // Check if domain is IP. If not, it should be valid domain name
        $domain_array = explode(".", $email_array[1]);
        if (sizeof($domain_array) < 2)
        {
            return false; // Not enough parts to domain
        }
        for ($i = 0; $i < sizeof($domain_array); $i++)
        {
            if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i]))
            {
                return false;
            }
        }
    }
    return true;
}
 
function valid_username($username, $minlength = 3, $maxlength = 30)
{
 
    $username = trim($username);
 
    if (empty($username))
    {
        return false; // it was empty
    }
    if (strlen($username) > $maxlength)
    {
        return false; // to long
    }
    if (strlen($username) < $minlength)
    {
 
        return false; //toshort
    }
 
    $result = ereg("^[A-Za-z0-9_\-]+$", $username); //only A-Z, a-z and 0-9 are allowed
 
    if ($result)
    {
        return true; // ok no invalid chars
    } else
    {
        return false; //invalid chars found
    }
 
    return false;
 
}
 
function valid_password($pass, $minlength = 6, $maxlength = 15)
{
    $pass = trim($pass);
 
    if (empty($pass))
    {
        return false;
    }
 
    if (strlen($pass) < $minlength)
    {
        return false;
    }
 
    if (strlen($pass) > $maxlength)
    {
        return false;
    }
 
    $result = ereg("^[A-Za-z0-9_\-]+$", $pass);
 
    if ($result)
    {
        return true;
    } else
    {
        return false;
    }
 
    return false;
 
}
 
?>

Step 14: Creating the lostpassword.php file

When the user lost his password he can request a new temporary password. He has to enter his username and his password, if they are correct his password will be reset to a radom generated password and an email will be sent containing this new password, the user can use this password to login and change its password.

file: lostpassword.php

^?View Code PHP

<?php
 
require_once "header.php"; 
 
if (isset($_POST['lostpass'])){
 
	if (lostPassword($_POST['username'], $_POST['email'])){
 
		echo "Your password has been reset, an email containing your new password has been sent to your inbox.<br />
		<a href='./index.php'>Click here to return to the homepage.</a>
		";
 
	}else {
 
		echo "Username or email was incorrect !";
		show_lostpassword_form();
 
	}
 
} else {
	//user has not pressed the button
	show_lostpassword_form();	
}
 
 require_once "footer.php";
?>

Step 15: Creating the changepassword.php file

On this page the user can change his password, ofcouse he has to be logged in first. He will also have to enter his old password.

file: changepassword.php

^?View Code PHP

<?php
 
require_once "header.php";
 
if (isLoggedIn() == true)
{
 
    if (isset($_POST['change']))
    {
 
        if (changePassword($_POST['username'], $_POST['oldpassword'], $_POST['password'],
            $_POST['password2']))
        {
            echo "Your password has been changed ! <br /> <a href='./index.php'>Return to homepage</a>";
 
        } else
        {
            echo "Password change failed! Please try again.";
            show_changepassword_form();
        }
 
    } else
    {
        show_changepassword_form();
    }
 
} else {
	// user is not loggedin
    show_loginform();
}
 
require_once "footer.php";
 
?>

Step 16: Creating the register.php file

On this page users can create an account.

file: register.php

^?View Code PHP

<?php
 
require_once "header.php"; 
 
if (isset($_POST['register'])){
 
	if (registerNewUser($_POST['username'], $_POST['password'], $_POST['password2'], $_POST['email'])){
 
		echo "Thank you for registering, an email has been sent to your inbox, Please activate your account.
		<a href='./index.php'>Click here to login.</a>
		";
 
	}else {
 
		echo "Registration failed! Please try again.";
		show_registration_form();
 
	}
 
} else {
// has not pressed the register button
	show_registration_form();	
}
 
 require_once "footer.php";
?>

Step 17: Creating the activate.php file

On this page users can activate their account.

file: activate.php

^?View Code PHP

<?php
 
require_once "header.php";
 
$uid = (int)htmlentities(strip_tags($_GET['uid']));
$actcode = htmlentities(strip_tags($_GET['actcode']));
 
if (activateUser($uid, $actcode) == true)
{
    echo "Thank you for activating your account, You can now login.
		<a href='./index.php'>Click here to login.</a>";
} else
{
    echo "Activation failed! Please try again.";
    echo "If problem presists please contact the webmaster.";
}
 
require_once "footer.php";
?>

Tags

advanced tutorials, content management, database, databases, functions, howto, login, members, mysql, PHP, php5, script, tutorial

Related Posts:

Comments (169) Trackbacks (3) Leave a comment Trackback

Heeeelp!!

May 7th, 2009 at 00:47 | #1

Reply | Quote

Nvm. But now I get
Fatal error: Call to undefined function isLoggedIn() in C:\Abyss Web Server\htdocs\login\login.php on line 3
This is on my login.php
MHz

May 7th, 2009 at 08:50 | #2

Reply | Quote

When I login and click the changepassword link, I get the login form because there is no sessions. Why? I’m using php tables, so I get a url like index.php?action=changepw
cheekylele

May 8th, 2009 at 01:35 | #3

Reply | Quote

hi firstly what an awesome tutorial thankies!
im implementing this into my content management system and the register/login process works fantastically - the only problem is that I’m testing locallly and the Activation email never gets sent …
however, the record does exist in the database and the login is functional once you register the details …
can you elaborate on Step 9 - Creating the mail.functions.inc.php file:
how can I get the Activation Email working?
Thanks!
cheekylele

May 8th, 2009 at 10:39 | #4

Reply | Quote

omfg …. after reading the four pages of comments and doing a bit of tinkering around I managed to fix my problem … haha
ignore my question as I fixed it myself … yay!
but to reiterate … your script was awesome and I learnt SHITLOADS!!!
muchos gracias amigo!
Kevin

May 8th, 2009 at 21:04 | #5

Reply | Quote

First of all thanks for this awesome tutorial!
I’ve learned tons by just checking the code

BUT, Everything works, email-system too except when you click the link in the email I get the following error:

Activation failed! Please try again.If problem presists please contact the webmaster.

They information is added to the table thought (with activation = 0)

Thanks in advance
Kevin

May 8th, 2009 at 21:31 | #6

Reply | Quote

Found it.

In the registerNewUser function the 2 ‘$id’s should be $uid.
MHz

May 9th, 2009 at 16:43 | #7

Reply | Quote

When I login and click the changepassword link, I get the login form because there is no sessions. Why? I’m using php tables, so I get a url like index.php?action=changepw
Matt

May 12th, 2009 at 11:18 | #8

Reply | Quote

This would be a much better script when it should be build on the zend framework.

mysql_ is not developed further anymore and mysqli and pdo are both in the Zend Framework.
Riz

May 13th, 2009 at 19:42 | #9

Reply | Quote

please tell me z there any error in….
if (!isLoggedIn())

bcoz it tels this as a error!!!!
Rysy

May 25th, 2009 at 03:11 | #10

Reply | Quote

Works fantastic, thank you very much!
Is there anyway to stop the activation emails ending up in the outlook junk email filter?
Andrew

May 31st, 2009 at 20:47 | #11

Reply | Quote

There is a major security bug in the change password form… you could just make your own HTML file and change the value of the user name and change anyones password…
Suzzy

June 7th, 2009 at 01:39 | #12

Reply | Quote

I’m getting that annoying “No input file specified.” message when I try to activate. I’ve done error checking and looked for mistakes in file names but I’m not finding anything. Anyone know what might be causing it?

I know that the message “No input file specified.” comes up sometimes because of the way PHP is set up on the server. I have no access to change anything like that so other suggestions would be VERY appreciated.
<?php
require_once “header.php”;
$uid = (int)htmlentities(strip_tags($_GET['uid']));
$actcode = htmlentities(strip_tags($_GET['actcode']));
if (activateUser($uid, $actcode) == true)
{
echo “Thank you for activating your account, You can now login.
Click here to login.“;
} else
{
echo “Activation failed! Please try again.”;
echo “If problem persists please contact the webmaster.”;
}
require_once “footer.php”;
?>

Thanks!
Gator

June 9th, 2009 at 18:20 | #13

Reply | Quote

Great tut, learned alot from it, I was getting white screen on index page to0, my solution was, recopy an paste, turn out to be a bad copy of User Functions script, now i see login script, thnx again for the tut.
Yutakai

June 15th, 2009 at 10:55 | #14

Reply | Quote

hey if you are getting the clank page error make sure you named the functions.inc.php as functions.inc.php and NOT function.inc.php.
Yutakai

June 15th, 2009 at 10:57 | #15

Reply | Quote

hey if you are getting the blank page error make sure you named the functions.inc.php as functions.inc.php and NOT function.inc.php. Also make sure all your other files are there and have the correct names. The only one that was messed up is the functions.inc.php.
Yutakai

June 15th, 2009 at 10:58 | #16

Reply | Quote

Also for those of you getting the login error make sure you are putting the correct case. It is case sensitive.
Denise

June 18th, 2009 at 22:21 | #17

Reply | Quote

Hi I know this may seem stupid but ive everything done but not sure what values to use for DB, HOST, DBUSER and PASS. I know my DB is the actual database name and HOST is localhost but do I use the admin name and password for the rest? Whenever I go onto index.php i get the error :

Could not connect!
Please contact the site’s administrator.

I have figured out that the problem is in this line of code in the db_connect.inc.php:
$conn = mysql_connect(HOST, DBUSER, PASS) or die(’Could not connect fdg!Please contact the site\’s administrator.’);
….if thats any help! I cant figure out how to actually get this working if someone could help me I would appreciate it so much!!!
Hayley

June 18th, 2009 at 23:06 | #18

Reply | Quote

How do I actually get this incorporated into my website? I have the website designed but do i just place the index.php code into the page??
James

June 23rd, 2009 at 07:34 | #19

Reply | Quote

How can I get it to redirect to another page instead of displaying the userbox? Can anyone help? Thanks in advance.

Comment pages

« Previous 1 2 3 4

January 17th, 2008 at 22:00 | #1

Sistema de Login de Usuarios en PHP | HNKweb
February 5th, 2008 at 16:16 | #2

Complete advanced login member system - PHP tutorial « PHP Net
June 30th, 2008 at 10:36 | #3

Over 50 of The Best Tutorials from 2008 (so far) « NI-Limits Blog

The Concept Behind CSS Sending emails with php - php tutorial