Created
March 22, 2012 19:54
-
-
Save mark-d-holmberg/2162890 to your computer and use it in GitHub Desktop.
PHP Login Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
session_start(); | |
/*see if we can echo stuff*/ | |
//if( (!isset( $_SESSION['logged_in'] )) || (!isset( $_SESSION['username' )) ) | |
$logged_in = $_SESSION['logged_in']; | |
$username = $_SESSION['username']; | |
// $timestamp = $_SESSION['timestamp']; | |
$session_id = $_SESSION['session_id']; | |
//------------------------- | |
//PHP 5.0 -- RESET ME LATER | |
//require_once("include/pf.class.php"); | |
//grab the timestamp from the database | |
//$zulu = new PFmysql( MYSQL_HOST, MYSQL_USER, MYSQL_PASS, MYSQL_DB ); | |
//$zulu->pf_connect(); | |
//$zulu->pf_db_select(); | |
//$zulu->pf_query("SELECT timestamp FROM mdh_com WHERE user ='$username' LIMIT 1"); | |
require_once("db_con.php"); | |
connect_to_db(); | |
$q = mysql_query("SELECT timestamp FROM mdh_com WHERE user='$username' LIMIT 1"); | |
//while( $foo = $zulu->pf_fetchRow() ) | |
while( $foo = mysql_fetch_row($q) ) | |
{ | |
$timestamp = $foo[0]; | |
} | |
if( !isset( $logged_in ) && !isset( $username ) && !isset( $session_id ) ) | |
{ | |
/*they are not logged in so show the log in boxes!*/ | |
//echo "BAD BAD WOLF! <br />"; | |
echo " | |
<form method=\"post\" action=\"login_process.php\"> | |
<table class=\"login\"> | |
<tr> | |
<td >user <input class=\"text\" type=\"text\" name=\"login\" size=\"12\" /></td> | |
<td >pass <input class=\"text\" type=\"password\" name=\"pass\" size=\"12\" /></td> | |
<td > <input class=\"button\" type=\"submit\" name=\"submit\" value=\"login\" /> </td> | |
</tr> | |
</table> | |
</form>"; | |
}else if( isset( $logged_in ) && isset( $username ) && isset( $session_id ) ) | |
{ | |
/*make sure they aren't blank*/ | |
if( ($logged_in != "" || $logged_in != NULL) && ($username !="" || $username != NULL) ) | |
{ | |
//echo "Your username is: " . $username . " and you are logged " . $logged_in . "<br />"; | |
//echo "<H1>Logout here!</H1>"; | |
//echo "session id says: " . $session_id; | |
//GIVE THEM A LOGOUT BUTTON | |
echo "<form method=\"post\" action=\"logout_process.php\"> | |
<table class=\"login\"> | |
<tr> | |
<td >Last log in: <i>$timestamp</i> </td> | |
<td > | |
<input type=\"submit\" class=\"button\" name=\"logout\" value=\"logout\" /> | |
</td> | |
</tr> | |
</table> | |
</form>"; | |
} | |
} | |
?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
session_start(); //start the session | |
/*login to our MySQL database and retrieve our User's login credentials*/ | |
//require_once("include/pf.class.php"); | |
//make sure they gave us something | |
if( empty( $_POST ) ) | |
{ | |
echo "No data was sent!"; | |
exit; | |
} | |
//------------------------- | |
//PHP 5.0 -- RESET ME LATER | |
//new connection | |
//$alpha = new PFmysql( MYSQL_HOST, MYSQL_USER, MYSQL_PASS, MYSQL_DB ); | |
//$alpha->pf_connect(); | |
//$alpha->pf_db_select(); | |
require_once("db_con.php"); | |
/*get the $_POST variables, and sanitize*/ | |
$username = strip_tags( $_POST['login'] ); | |
$password = strip_tags( $_POST['pass'] ); | |
//and hash | |
$md5 = md5($password); | |
//try a query | |
$string = "SELECT * FROM mdh_com WHERE mdh_com.user='$username' AND mdh_com.pass=\"$md5\" LIMIT 1"; | |
//$alpha->pf_query( $string ); | |
connect_to_db(); | |
$q = mysql_query( $string ); | |
// if( $alpha->pf_numRows() < 1 ) | |
// { | |
// echo "User not found. Do you wish to <a href=\"register.php\">register</a>?"; | |
// exit; | |
// } | |
//spit out XHTML | |
// while( $rows = $alpha->pf_fetchRow() ) | |
//if( $alpha->pf_numRows() == 1 ) | |
if( ($rows = mysql_num_rows($q)) == 1 ) | |
{ | |
//setup session variables | |
$_SESSION['logged_in'] = 1; | |
$_SESSION['username'] = $rows[0]; | |
// $_SESSION['timestamp'] = $rows[7]; | |
$_SESSION['session_id'] = md5( $_SERVER['REMOTE_ADDR'] + $rows[1]); | |
} | |
//update their time | |
$time = date("l, d M. Y g:i:s A"); | |
//$alpha->pf_query( "UPDATE mdh_com SET timestamp='$time' WHERE user='$username' "); | |
$update = mysql_query( "UPDATE mdh_com SET timestamp='$time' WHERE user='$username' "); | |
// echo "Click <a href=\"index.php\">here</a> to continue."; | |
header("Location: index.php"); | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment