Black Rose
Heehee ^_^
- 39
- Posts
- 15
- Years
- Somewhere, over the rainbow . . .
- Seen Nov 23, 2008
^_^ I was bored, so I figured I might as well put my scripting knowledge to use :)
These are free to use, and you don't have to give credit. You can if you want ^_^ but I don't require it :) A simple thanks here would suffice =D
Full Scripts
Login Script:
Registration Script (improved security and validation):
Functions:
Validate form
To call simply use:
I'll add more as soon as I can think of them. ^_^ Possibly even some independent functions =D
~BR
Thanks to /*.Ooka.*/ for the awesome security improvements =D
These are free to use, and you don't have to give credit. You can if you want ^_^ but I don't require it :) A simple thanks here would suffice =D
.
Full Scripts
Login Script:
Spoiler:
PHP:
<?php
if (!mysql_connect("localhost","database_username","db_user_password")){
die(mysql_error());
}
if (!mysql_select_db("database_name")){
die(mysql_error());
}
?>
<form method="post" action="login.php">
Username: <input type="text" name="username" /><br />
Password: <input type="password" name="password" /><br />
<input type="submit" name="login" value="Login" />
</form>
<?php
if(isset($_POST['login'])){
$query = "SELECT * FROM users WHERE username='".$_POST['username']."'";
$array = mysql_query($query);
$user = mysql_fetch_array($array);
if ($user['password'] == md5($_POST['password'])){
print "Successfully logged in! Redirecting . . .";
header("Location: index.php");
} else {
print "Wrong username/password!";
}
}
?>
Registration Script (improved security and validation):
Spoiler:
PHP:
<?php
if (!mysql_connect("localhost","database_username","db_user_password")){
die(mysql_error());
}
if (!mysql_select_db("database_name")){
die(mysql_error());
}
?>
<form method="post" action="register.php">
Desired Username: <input type="text" name="username" /><br />
Password: <input type="password" name="password1" id="password1" /><br />
Confirm Password: <input type="password" name="password2" id="password2" /><br />
<input type="submit" name="submit" value="Register" id="submit" />
</form>
<?php
if (isset($_POST['submit'])){
if($_POST['password1']!=$_POST['password2']){
$error = "Your passwords do not match!<br />";
}
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $_POST['email'])) {
print "<br />";
} else {
$error .= "The email address you entered is not valid!<br />";
}
$query1 = "SELECT * FROM users WHERE username='".$username."'";
$usercheck = mysql_query($query1);
if ($usercheck['username']==$_POST['username']){
$error .= "The username you chose has already been taken!<br />";
}
if ($error){
print "<div style='border:1px solid #3366AA;background-color:#88CCFF;width:72%;color:#3366AA'>";
print $error;
print "</div>";
die();
}
$query = "SELECT * FROM users WHERE username='".$_POST['username']."'";
$array = mysql_query($query);
$user = mysql_fetch_array($array);
if($user['username'] != '' || $user['username'] != 0){
$errormsg += "<b>That username is already taken!</b><br />";
$error = 1;
}
if ($error >0){
die("You have one or more errors that need your attention!");
} else {
protect($_POST['username']);
protect($_POST['password1']);
$query = "INSERT INTO users (username, password) VALUES ('".$_POST['username']."','".md5($_POST['password1'])."')";
if (!mysql_query($query)){
die(mysql_error());
} else {
print "Registered successfully! Redirecting . . . ";
header("Location: login.php");
}
}
}
function protect ($string){
$string = mysql_real_escape_string($string);
$string = strip_tags($string);
$string = addslashes($string);
return $string;
}
?>
.
Functions:
Validate form
Spoiler:
To call simply use:
PHP:
validate($_POST['username'],$_POST['password1'],$_POST['password2'],$_POST['email']);
PHP:
function validate($user,$pass1,$pass2,$email){
if ($pass1 != $pass2){
$error .= "The passwords you entered do not match.<br />";
}
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
$error .= "The email you entered is not valid.<br />";
}
if($error==""){
register($user,$pass1,$email);
} else {
die ("You have the following errors to correct before continuing:<br /><br />".$error);
}
}
I'll add more as soon as I can think of them. ^_^ Possibly even some independent functions =D
~BR
.
Thanks to /*.Ooka.*/ for the awesome security improvements =D
Last edited: