If you learn the language properly you shouldn't need a tutorial for every single thing you want to do
I don't think it's really the language you need to learn. once you've done some beginner tutorials and you're comfortable with the different concepts associated with the web (thinking sessions, post, get, cookies) and what they're useful for, then it'll just come naturally.
@Butters - rest of this post. Don't take the term 'database-driven' lightly - it doesn't just mean that your application utilises a database - the whole design of your app should be reflected in your database. I'll use your login example to show how you might (simply) go about creating a login script and I'll do it using procedural concepts rather than OOP as I think it might be pushing you further into the deep end.
so, the main focus of your login from a data point of view is the user. Things you should be asking yourself are: how many types of user are there? what information do you want to know about the user?
in your case, you seem to be after a normal user and an admin user (which I'm guessing is you, even though it's irrelevant really) - in which case, as Mr Jestar said, a single field in your database which acts as a boolean (true/false switch) telling you that the admin value for that user is true or false. obviously, you'll also need a username (this can act as a primary key, as you should have a unique username for each user. you'll also need a password (passwords are such a big can of worms, it's not even funny), and just for the hell of it, you might want to know the date they joined, the last time they logged in and an email address. your users database should now look a little like this (format for each line is fieldname - type):
Code:
users
username - primary key (varchar(255))
password - varchar(255)
email - varchar(255)
date_joined - datetime
last_login - datetime
admin - tinyint(1)
now that you've got your user data set up, you'll be needing to think about what you do with the data. you'll be wanting a page that the user logs in. this will contain a form that uses post as a method and a blank (but set) action. your form tag should look a little like:
Code:
<form action="" method="post">
there you'll have 3 types of html input - text, password and submit:
Code:
<input type='text' name='username' />
<input type='password' name='password' />
<input type='submit' value='login' />
the 'name' attribute is important, because once you've submitted the form, the data from the field is sent to PHP in the form of $_POST - your username input data will become $_POST['username'].
now that your login form is set up, comes the PHP. because the action attribute of the form is blank, the page will 'refresh', and send the form data to itself, so you need to set some PHP at the top of the same page to catch all this data and use it. the format of your page should look something like this:
Code:
<?php
//the place you catch your post data
//you might want to set conditions here to check if the user is
//already logged in
?>
<!-- the html to create your form !>
I'm guessing that you know a little about sessions - but basically, they store information about a user whilst they are on your site. it is an array that you can set and access by using $_SESSION. to be able to use sessions, you need to have the following code at the top of EACH PAGE that you want session data to be available in
so, your user has given you some data from a form, and you want to check if there's anyone in your database that matches those credentials - I've seen in 1 of your threads that you know how to run a mysql query - so you'll want to run something along the lines of:
Code:
SELECT *
FROM users
WHERE username = {posted user data} AND password = {posted password}
it's important to mention at this point (though somewhat of a digression at this point) that your data needs to be escaped to prevent SQL injection - any data from $_POST (and $_GET, but that's irrelevant now) that you put in a mysql query needs to be sanitised:
Code:
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
if you've set up your database correctly, the query you ran will only ever match one user. Running this query will return an array that will either be empty or contain 1 element, so you can check a user's credentials thus:
Code:
if (count($db_result) === 1) { //posted data matched a user
//set user session data
} else {
//something to do if username and password didn't match a user
}
now you know whether a user's email and password were correct, all that's left is to set their $_SESSION variable so that you can quickly check if they're logged in, without having to get them to login on every oage!
Code:
if (count($db_result) === 1) { //posted data matched a user
$_SESSION['logged_in'] = true;
header('Location: index.php');
} else {
echo 'Your email and/or password were incorrect - you're welcome to try again';
}
if their username and pasword matched, their session is set and they're sent to index.php where you can do whatever you want with them!
a little code you can put in your pages to check if a user's logged in will be:
Code:
session_start();
if (!array_key_exists('logged_in',$_SESSION)) {
//user is not logged in - do something - maybe slap them.
}
I think that should just be it. I've really waffled on, but I'm bored! feel free, anyone, to pick holes in this - I'm sure there are plenty, but bear in mind that this is a simple tutorial to help Butters. Hope it does
just re-read this, and it seems a bit condescending - sorry about that
you never listened to me when I recommended tutorials. I'm hurt. HURT!