Jump to content
php.lv forumi
Sign in to follow this  
daGrevis

Reģistrēšanās un ielogošanās sistēma

Recommended Posts

Šeit ir reģistrēšanās un ielogošanās sistēma, kurā ir daži "bugiņi", kā piemēram, ka nevar ielogoties [ :D ], un prasu jums, kā to varētu izlabot... Ceru, ka palīdzēsiet, jo viens pats to nevaru, jo ar PHP neesmu tik lielos draugos [ pagaidām ], tap\ec prasu jums... :) Kļūda ir tāda, ka ieejot /login.php, un savadot savus datus, izmet šādu kļūdu - There was an error: , please try again. !

 

MySQL ieraksts

CREATE TABLE `users` (
 `id` INT( 5 ) NOT NULL AUTO_INCREMENT,
 `username` VARCHAR( 20 ) NOT NULL,
 `password` VARCHAR( 32 ) NOT NULL,
 PRIMARY KEY ( `id` )
) TYPE=MyISAM;

 

/functions.php

<?php

function user_register($username, $password)
{
    // Now encrypt the password, using md5;
    $encrypted = md5($password);

    // Store the information in the database;
    $query = "INSERT INTO users (username, password) VALUES ('$username', '$encrypted')";
    mysql_query ($query) or die ('Could not create user!');
}

function user_login($username, $password)
{
    // Try and get the user using the username & encrypted pass
    $query = "SELECT id, username FROM users WHERE username='$username' and password='$password'";
    $result = mysql_query($query);
    $user = mysql_fetch_array($result);
    $numrows = mysql_num_rows($result);

    // Now encrypt the data to be stored in the session
    $encrypted_id = md5($user['id']);
    $encrypted_name = md5($user['username']);

    // Store the data in the session
    $_SESSION['id'] = $id;
    $_SESSION['username'] = $username;
    $_SESSION['encrypted_id'] = $encrypted_id;
    $_SESSION['encrypted_name'] = $encrypted_name;

   if ($numrows == 1)
   {
       return 'Correct';
   }
   else
   {
       return false;
   }
}

function user_logout()
{
    // End the session and unset all vars
    session_unset ();
    session_destroy ();
}

function is_authed()
{
    // Check if the encrypted username is the same
    // as the unencrypted one, if it is, it hasn't been changed
    if (isset($_SESSION['username']) && (md5($_SESSION['username']) == $_SESSION['encrypted_name']))
    {
         return true;
    }
    else
    {
         return false;
    }
}

?>

 

/init.php

<?php

// Start the session
session_start();

// MySQL Settings
$db_host = 'localhost';
$db_user = 'root';
$db_pass = '';
$db_database = 'db';

// Connect to the database
mysql_connect ($db_host, $db_user, $db_pass) or die ('Could not connect to the database.');
mysql_selectdb ($db_database) or die ('Could not select database.');

// Seed the random number generator
srand();

// Include functions
include 'functions.php';

?>

 

/register.php

<?php

// Include init file
include 'init.php';

if (!isset($_POST['submit']))
{
    // Show the form
    include 'register_form.inc.php';
    exit;
}
else
{
    // Check if any of the fields are missing
    if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['confirmpass']))
    {
         // Reshow the form with an error
         $reg_error = 'One or more fields missing';
         include 'register_form.inc.php';
         exit;
    }

    // Check if the passwords match
    if ($_POST['password'] != $_POST['confirmpass'])
    {
         // Reshow the form with an error
         $reg_error = 'Your passwords do not match';
         include 'register_form.inc.php';
         exit;
    }

    // Everything is ok, register
    user_register ($_POST['username'], md5($_POST['password']));

    echo 'Thank you for registering on our site, <a href="index.php">click here</a> to go back.';

}

?>

 

/register_form.inc.php

<?php if (isset($reg_error)) { ?>
There was an error: <?php echo $reg_error; ?>, please try again.
<?php } ?>
<form action="register.php" method="post">

<b>Username:</b> <input type="text" size="20" maxlength="20" name="username"
<?php if (isset($_POST['username'])) { ?> value="<?php echo $_POST['username']; ?>" <?php } ?>/><br />

<b>Password:</b> <input type="password" size="20" maxlength="10" name="password" /><br />

<b>Confirm Password:</b> <input type="password" size="20" maxlength="10" name="confirmpass" /><br />

<input type="submit" name="submit" value="Register!" />
</form>

 

/login.php

<?php

// Include init file
include 'init.php';

if (!isset($_POST['submit']))
{
    // Show the form
    include 'login_form.inc.php';
    exit;
}
else
{
    // Try and login with the given username & pass
    $result = user_login($_POST['username'], $_POST['password']);

    if ($result != 'Correct')
    {
         // Reshow the form with the error
         $login_error = $result;
         include 'login_form.inc.php';
    }
    else
    {
         echo 'Thank you for logging in, <a href="index.php">click here</a> to go back.';
    }
}

?>

 

/login_form.inc.php

<?php if (isset($reg_error)) { ?>
There was an error: <?php echo $reg_error; ?>, please try again.
<?php } ?>
<form action="register.php" method="post">

<b>Username:</b> <input type="text" size="20" maxlength="20" name="username"
<?php if (isset($_POST['username'])) { ?> value="<?php echo $_POST['username']; ?>" <?php } ?>/><br />

<b>Password:</b> <input type="password" size="20" maxlength="10" name="password" /><br />

<b>Confirm Password:</b> <input type="password" size="20" maxlength="10" name="confirmpass" /><br />

<input type="submit" name="submit" value="Register!" />
</form>

 

/index.php

<?php

include 'init.php';

if (!is_authed())
{
    die ('You are not permitted to view this page!');
}

?>

All works!

 

Ceru, ka palīdzēsiet... ;)

Share this post


Link to post
Share on other sites

Problēma ir tajā, ka no login.php tiek izsaukts:

$result = user_login($_POST['username'], $_POST['password']);

bet DB tiek glabāts md5 no paroles, tādēļ vajadzētu sākt ar šo:

$result = user_login($_POST['username'], md5($_POST['password']));

Share this post


Link to post
Share on other sites
Sign in to follow this  

×
×
  • Create New...