PHP login script

_TubbZ_

_TubbZ_

_TubbZ_

Associate
Joined
30 Jun 2009
Posts
405
Hello,

I have been asked to make a website (which is something i never have really done) for someone and they would like a login feature along with a million others! I am writing it in PHP and there must be decent login script out there which will save me the hassle and testing. Does anyone have any recommendations?

Plus any other cool libraries that you like to use :)

Oh and as i don't think i am going earn too much from this project i really will only want to use free scripts and libraries.
 
you could use this one below, however the use of security cover in this is quite.... well anyway; I would look into implementing some basic security functionality into it, minus the already used strip slashes, it's not the best but it'll do for a very small project and I HIGHLY RECOMMEND upgrading it and changing it about a bit.

I can't remember where this was taken from but it was in my file where I saved all those php tutorials when I was starting out haha!

PHP: 
<?php
$host="localhost"; // Host name 
$username="entersomething"; // Mysql username 
$password="entersomething"; // Mysql password 
$db_name="entersomething"; // Database name 
$tbl_name="entersomething"; // Table name 
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:page.php");
}
else {
echo "Wrong Username or Password";
}
?>
 
black-ops said:
you could use this one below, however the use of security cover in this is quite.... well anyway; I would look into implementing some basic security functionality into it, minus the already used strip slashes, it's not the best but it'll do for a very small project and I HIGHLY RECOMMEND upgrading it and changing it about a bit.

I can't remember where this was taken from but it was in my file where I saved all those php tutorials when I was starting out haha!

PHP: 
<?php
$host="localhost"; // Host name 
$username="entersomething"; // Mysql username 
$password="entersomething"; // Mysql password 
$db_name="entersomething"; // Database name 
$tbl_name="entersomething"; // Table name 
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:page.php");
}
else {
echo "Wrong Username or Password";
}
?>
Click to expand...

You shouldn't use stripslashes on input without first checking for Magic Quotes.
 
black-ops said:
you could use this one below, however the use of security cover in this is quite.... well anyway; I would look into implementing some basic security functionality into it, minus the already used strip slashes, it's not the best but it'll do for a very small project and I HIGHLY RECOMMEND upgrading it and changing it about a bit.

I can't remember where this was taken from but it was in my file where I saved all those php tutorials when I was starting out haha!

PHP: 
<?php
$host="localhost"; // Host name 
$username="entersomething"; // Mysql username 
$password="entersomething"; // Mysql password 
$db_name="entersomething"; // Database name 
$tbl_name="entersomething"; // Table name 
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:page.php");
}
else {
echo "Wrong Username or Password";
}
?>
Click to expand...


Session_register is depreciated: http://php.net/manual/en/function.session-register.php
 
You must log in or register to reply here.
Back
Top Bottom