Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
* * * * * 3 votes

Creating A Simple Yet Secured Login/registration With Php5

encryption registration login

  • Please log in to reply
113 replies to this topic

#109 RichardBuchanan

RichardBuchanan

    CC Lurker

  • Just Joined
  • Pip
  • 1 posts

Posted 29 December 2014 - 11:51 AM

Thanks for the PDO code (I've been looking for something like this for several years!)

Now, can you guys show me how to log out (Smile).

I'm ready to create some web pages.

HTML is a piece of cake, but I have always ran into problems when it came to PHP registration and authentication (I can always use some someone else page-with modifications of course (Laugh).

I think that I might have found the right web site that can teach me what I need to know...?


  • 0

#110 Alexander

Alexander

    YOL9

  • Moderator
  • 3963 posts
  • Location:Vancouver, Eh! Cleverness: 200
  • Programming Language:C, C++, PHP, Assembly

Posted 30 December 2014 - 10:48 PM

 

Now, can you guys show me how to log out (Smile).

 

Log out? The session can be unset/destroyed in the appropriate logout page you desire:

i.e.

<?php
// Initialize the session.
session_start();

// Unset all of the session variables.
$_SESSION = array();

// Invalidate the current session cookie to prevent further requests of the same session
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

// Remove the associated session data
session_destroy();

//You can redirect them from this point on to, say, a thank you, home or log-in page.
?>

  • 0

All new problems require investigation, and so if errors are problems, try to learn as much as you can and report back.


#111 frankball8

frankball8

    CC Lurker

  • Just Joined
  • Pip
  • 2 posts

Posted 06 April 2015 - 05:41 AM

The insert function is working fine, it inserts into the table and puts in the encrypted password, but I am having trouble getting the login to work!

 

This is the class code that I modified slightly:

 

<?php


 class Users {
public $username = null;
public $password = null;
public $salt = "Zo4rU5Z1YyKJAASY0PT6EUg7BBYdlEhPaNLuxAwU8lqu1ElzHv0Ri7EM6irpx5w";


public function __construct( $data = array() ) {
if( isset( $data['username'] ) ) $this->username = stripslashes( strip_tags( $data['username'] ) );
if( isset( $data['password'] ) ) $this->password = stripslashes( strip_tags( $data['password'] ) );
}


public function storeFormValues($postvars) {
//store the parameters
$this->__construct($postvars); 
}


public function userLogin() {


$success = false;


try{
$hostname = "localhost";
$dbname = "customertest";
$user = "user";
$pw = "root";
$connstr = "mysql:host=$hostname;dbname=$dbname";
$conn = new PDO($connstr,$user,$pw); 
$conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$sql = "SELECT * FROM employeetest WHERE login = :username AND password = :password LIMIT 1";


$stmt = $conn->prepare( $sql );
$stmt->bindValue( "username", $this->username, PDO::PARAM_STR );
$stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
$stmt->execute();


$valid = $stmt->fetchColumn();


if( $valid ) {
$success = true;
}


$conn = null;
return $success;
} #end try
catch (PDOException $e) {
echo $e->getMessage();
return $success;
}
}


public function register() {
$correct = false;
try {
$hostname = "localhost";
$dbname = "customertest";
$user = "user";
$pw = "root";
$connstr = "mysql:host=$hostname;dbname=$dbname";
$conn = new PDO($connstr,$user,$pw); 
$conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$sql = "INSERT INTO employeetest(login, password) VALUES(:username, :password)";


$stmt = $conn->prepare( $sql );
$stmt->bindValue( "username", $this->username, PDO::PARAM_STR );
$stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
$stmt->execute();
return "Registration Successful <br/> <a href='index.php'>Login Now</a>";
}
catch( PDOException $e ) {
return $e->getMessage();
}
}


 }


?>
 
 
I don't know why he uses fetchColumn instead of fetchAll...but yeah, I'm really stuck, and I've looked over the whole thing maybe twenty times.

Edited by frankball8, 06 April 2015 - 05:42 AM.

  • 0

#112 DwayneThompson

DwayneThompson

    CC Lurker

  • Just Joined
  • Pip
  • 1 posts

Posted 05 May 2015 - 04:19 PM

Hi,

Your code is magnanimously nice and wonderful!
But there is one problem with the code - it does not run on my web server.
I am using php version 5.4 and Apache version 2.3.14.
Could this be the problem?

I use dreamweaver to design my pages - on the design view, the content and css arrangement are very neat. But on the web browser, when I fill in the form to login, the page clears and displays the comment '//if user did not click the login button show the login form'
No error messages!

I do not know how to figure this out!

Please could you help?

Thank you!

Please find attached files.
NB: changes are: /css/style2.css; /register2.php(instead of register.php); /login2.php(instead of index.php);
username field in db is userName;
password field in db is passWord;
database is 'test';
table is 'users';

 

I realize this thread is a bit old but still looks useful. Did not see a reply to your post regarding the registration page. I did find that when I copied the code from the tutorial and pasted it into the file that the comment at the top was not inside the open php tag 

//if user did not click registration button show the registration field.
<?php if( !(isset( $_POST['register'] ) ) ) { ?>
Instead it should look like this 
 
<?php //if user did not click registration button show the registration field.
     if( !(isset( $_POST['register'] ) ) ) { 
?>

  • 0

#113 Codin

Codin

    CC Lurker

  • Just Joined
  • Pip
  • 1 posts

Posted 31 August 2015 - 12:48 PM

Great login and register tutorial and found it to be very helpful. I have been researching the internet trying to find a way to create a OOP PHP logout script which would work with the user class you have created. And now since I have joined the forum I see that you showed how to do a logout. And again great tutorial thanks.


Edited by Codin, 31 August 2015 - 01:03 PM.

  • 0

#114 King3D4

King3D4

    CC Lurker

  • Just Joined
  • Pip
  • 1 posts

Posted 19 October 2015 - 07:09 AM

how do i see what version of php do i use  :biggrin:  :biggrin:  :biggrin:  :biggrin:  :confused:  :confused:  :confused:  :confused:


  • 0





Also tagged with one or more of these keywords: encryption, registration, login