Bibling
28-04-2007, 10:32 PM
Hello There Guys, For Legal Reasons i must say, You can use the tutorial, but not post it onto any other sites. The current sites that i have posted this Tutorial on is: Habbox.com - THATS IT!
You know it takes alot of time to get it done, so DON'T DO IT!
ok, now that is out of the way, lets get down to buisness!
Making a PHP Login Form
One of the most popular uses of PHP is to secure acess to various portions of a website based on a user's login name and password. This is a failry simple thing to do and in this tutorial I will show you how to construct a PHP login form.
The FIRST step to building a simple user authentication system is to create the table in your database that stores the login information. In this script we use one mysql table called"'logins", and the login name and password fields are stored in a hashed (md5) and encrypted state for security reasons. The function that issues the SQL command to create this table looks like this:
function MakeTableLogins($database, $host, $db_user, $db_pass) {//create the logins table
$linkID = mysql_connect($host, $db_user, $db_pass);
mysql_select_db($database, $linkID);
mysql_query("create table logins (user char(32), pasword char(32))", $linkID);
}
This should be called by passing the name of the database, database server host and the username password for that database server.
We only use one way encryption because our script never needs to know the actual plaintext of the username or password, its only must decide if the supplied information matches the information from the table. This is done by performing the same hash/encrypt routine on the inputted data and then comparing those values to the database. The function this script uses to return the encrypted data looks like this:
function Encrypt($string) {//hash then encrypt a string
$crypted = crypt(md5($string), md5($string));
return $crypted;
}
The NEXT thing our script will have to be able to do is to add the requried users records to the table. We cannot do this by hand because the data is encrypted so there is a function that handles this also:
function AddUser($database, $host, $db_user, $db_pass, $username, $password) { //add user to table logins
$linkID = mysql_connect($host, $db_user, $db_pass);
mysql_select_db($database, $linkID);
$password = encrypt($password);
$username = encrypt($username);
mysql_query("insert into logins values ('$username', '$password')", $linkID);
}
The NEXT and FINAL piece to our script is the actual login function. This function is passed arguments of the database login information, and the username and password the user supplied. The function returns true if the user information matches the data in the table exactly and false if they do no match.
function Login($database, $host, $db_user, $db_pass, $user, $password) { //attempt to login false if invalid true if correct
$auth = false;
$user = Encrypt($user);
$linkID = mysql_connect($host, $db_user, $db_pass);
mysql_select_db("$database", $linkID);
$result = mysql_query("select password from logins where user = '$user'", $linkID);
$pass = mysql_fetch_row($result);
mysql_close($linkID);
if ($pass[0] === (Encrypt($password))) {
$auth = true;
}
return $auth;
}
I hope i have helped you guys that need a 'User-system installed onto your site, For further Info, please Contact me!
You know it takes alot of time to get it done, so DON'T DO IT!
ok, now that is out of the way, lets get down to buisness!
Making a PHP Login Form
One of the most popular uses of PHP is to secure acess to various portions of a website based on a user's login name and password. This is a failry simple thing to do and in this tutorial I will show you how to construct a PHP login form.
The FIRST step to building a simple user authentication system is to create the table in your database that stores the login information. In this script we use one mysql table called"'logins", and the login name and password fields are stored in a hashed (md5) and encrypted state for security reasons. The function that issues the SQL command to create this table looks like this:
function MakeTableLogins($database, $host, $db_user, $db_pass) {//create the logins table
$linkID = mysql_connect($host, $db_user, $db_pass);
mysql_select_db($database, $linkID);
mysql_query("create table logins (user char(32), pasword char(32))", $linkID);
}
This should be called by passing the name of the database, database server host and the username password for that database server.
We only use one way encryption because our script never needs to know the actual plaintext of the username or password, its only must decide if the supplied information matches the information from the table. This is done by performing the same hash/encrypt routine on the inputted data and then comparing those values to the database. The function this script uses to return the encrypted data looks like this:
function Encrypt($string) {//hash then encrypt a string
$crypted = crypt(md5($string), md5($string));
return $crypted;
}
The NEXT thing our script will have to be able to do is to add the requried users records to the table. We cannot do this by hand because the data is encrypted so there is a function that handles this also:
function AddUser($database, $host, $db_user, $db_pass, $username, $password) { //add user to table logins
$linkID = mysql_connect($host, $db_user, $db_pass);
mysql_select_db($database, $linkID);
$password = encrypt($password);
$username = encrypt($username);
mysql_query("insert into logins values ('$username', '$password')", $linkID);
}
The NEXT and FINAL piece to our script is the actual login function. This function is passed arguments of the database login information, and the username and password the user supplied. The function returns true if the user information matches the data in the table exactly and false if they do no match.
function Login($database, $host, $db_user, $db_pass, $user, $password) { //attempt to login false if invalid true if correct
$auth = false;
$user = Encrypt($user);
$linkID = mysql_connect($host, $db_user, $db_pass);
mysql_select_db("$database", $linkID);
$result = mysql_query("select password from logins where user = '$user'", $linkID);
$pass = mysql_fetch_row($result);
mysql_close($linkID);
if ($pass[0] === (Encrypt($password))) {
$auth = true;
}
return $auth;
}
I hope i have helped you guys that need a 'User-system installed onto your site, For further Info, please Contact me!