113 replies to this topic

[RichardBuchanan]

Thanks for the PDO code (I've been looking for something like this for several years!)

Now, can you guys show me how to log out (Smile).

I'm ready to create some web pages.

HTML is a piece of cake, but I have always ran into problems when it came to PHP registration and authentication (I can always use some someone else page-with modifications of course (Laugh).

I think that I might have found the right web site that can teach me what I need to know...?

[Alexander]

 

Now, can you guys show me how to log out (Smile).

 

Log out? The session can be unset/destroyed in the appropriate logout page you desire:

i.e.

<?php
// Initialize the session.
session_start();

// Unset all of the session variables.
$_SESSION = array();

// Invalidate the current session cookie to prevent further requests of the same session
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

// Remove the associated session data
session_destroy();

//You can redirect them from this point on to, say, a thank you, home or log-in page.
?>

[frankball8]

The insert function is working fine, it inserts into the table and puts in the encrypted password, but I am having trouble getting the login to work!

 

This is the class code that I modified slightly:

 

<?php


 class Users {
public $username = null;
public $password = null;
public $salt = "Zo4rU5Z1YyKJAASY0PT6EUg7BBYdlEhPaNLuxAwU8lqu1ElzHv0Ri7EM6irpx5w";


public function __construct( $data = array() ) {
if( isset( $data['username'] ) ) $this->username = stripslashes( strip_tags( $data['username'] ) );
if( isset( $data['password'] ) ) $this->password = stripslashes( strip_tags( $data['password'] ) );
}


public function storeFormValues($postvars) {
//store the parameters
$this->__construct($postvars); 
}


public function userLogin() {


$success = false;


try{
$hostname = "localhost";
$dbname = "customertest";
$user = "user";
$pw = "root";
$connstr = "mysql:host=$hostname;dbname=$dbname";
$conn = new PDO($connstr,$user,$pw); 
$conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$sql = "SELECT * FROM employeetest WHERE login = :username AND password = :password LIMIT 1";


$stmt = $conn->prepare( $sql );
$stmt->bindValue( "username", $this->username, PDO::PARAM_STR );
$stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
$stmt->execute();


$valid = $stmt->fetchColumn();


if( $valid ) {
$success = true;
}


$conn = null;
return $success;
} #end try
catch (PDOException $e) {
echo $e->getMessage();
return $success;
}
}


public function register() {
$correct = false;
try {
$hostname = "localhost";
$dbname = "customertest";
$user = "user";
$pw = "root";
$connstr = "mysql:host=$hostname;dbname=$dbname";
$conn = new PDO($connstr,$user,$pw); 
$conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$sql = "INSERT INTO employeetest(login, password) VALUES(:username, :password)";


$stmt = $conn->prepare( $sql );
$stmt->bindValue( "username", $this->username, PDO::PARAM_STR );
$stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
$stmt->execute();
return "Registration Successful <br/> <a href='index.php'>Login Now</a>";
}
catch( PDOException $e ) {
return $e->getMessage();
}
}


 }


?>

 

 

I don't know why he uses fetchColumn instead of fetchAll...but yeah, I'm really stuck, and I've looked over the whole thing maybe twenty times.

Edited by frankball8, 06 April 2015 - 05:42 AM.

[DwayneThompson]

Hi,

Your code is magnanimously nice and wonderful!
But there is one problem with the code - it does not run on my web server.
I am using php version 5.4 and Apache version 2.3.14.
Could this be the problem?

I use dreamweaver to design my pages - on the design view, the content and css arrangement are very neat. But on the web browser, when I fill in the form to login, the page clears and displays the comment '//if user did not click the login button show the login form'
No error messages!

I do not know how to figure this out!

Please could you help?

Thank you!

Please find attached files.
NB: changes are: /css/style2.css; /register2.php(instead of register.php); /login2.php(instead of index.php);
username field in db is userName;
password field in db is passWord;
database is 'test';
table is 'users';

 

I realize this thread is a bit old but still looks useful. Did not see a reply to your post regarding the registration page. I did find that when I copied the code from the tutorial and pasted it into the file that the comment at the top was not inside the open php tag 

//if user did not click registration button show the registration field.
<?php if( !(isset( $_POST['register'] ) ) ) { ?>

Instead it should look like this 

 

<?php //if user did not click registration button show the registration field.
     if( !(isset( $_POST['register'] ) ) ) { 
?>

[Codin]

Great login and register tutorial and found it to be very helpful. I have been researching the internet trying to find a way to create a OOP PHP logout script which would work with the user class you have created. And now since I have joined the forum I see that you showed how to do a logout. And again great tutorial thanks.

Edited by Codin, 31 August 2015 - 01:03 PM.

[King3D4]

how do i see what version of php do i use