You are on page 1of 3

Sign-up & Log-in Script (PHP Code)

First we'll create an include file for the connection info, which will save us from having it
separately in each script. Paste the following into a file called "config.php"

<?php
$server = "localhost"; // server to connect to.
$database = "mydata"; // the name of the database.
$db_user = "myusername"; // mysql username to access the database with.
$db_pass = "mypassword"; // mysql password to access the database with.
$table = "users"; // the table that this script will set up and use.
?>

You'll need to create the user table on your database to store the info in. To do so, paste the
following into a file called "create.php". Then upload both create.php and config.php, and
point your browser to create.php.

<?php
include ("config.php");

// connect to the mysql server


$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database


mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

// create table on database


$create = "create table $table (
id smallint(5) NOT NULL auto_increment,
username varchar(30) NOT NULL,
password varchar(32) NOT NULL,
PRIMARY KEY (id),
UNIQUE KEY username (username)
);";

mysql_query($create)
or die ("Could not create tables because ".mysql_error());
echo "Complete.";
?>

Now you'll need to create your user signup form. This can be a regular HTML page that
simply points to your PHP script. It should look like this:

<html><head>
<title>User Registration</title>
</head><body>
<form action="register.php" method="post">

Pick a Username: <input type="text" name="username" size="20"><br>


Pick a Password: <input type="password" name="password" size="20"><br>
<input type="submit" value="Sign Up">
</form>
</body></html>

Then, create a file called register.php, or whatever you pointed the form to, and put this
code in it:

<?php

include("config.php");

// connect to the mysql server


$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database


mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

// check if the username is taken


$check = "select id from $table where username = '".$_POST['username']."';";
$qry = mysql_query($check) or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry);
if ($num_rows != 0) {
echo "Sorry, there the username $username is already taken.<br>";
echo "<a href=register.html>Try again</a>";
exit;
} else {

// insert the data


$insert = mysql_query("insert into $table values ('NULL', '".$_POST['username']."',
'".$_POST['password']."')")
or die("Could not insert data because ".mysql_error());

// print a success message


echo "Your user account has been created!<br>";
echo "Now you can <a href=login.html>log in</a>";
}

?>

Now the log-in page, another HTML page pointing to another PHP script:

<html><head>
<title>User Registration</title>
</head><body>

<form action="login.php" method="post">

Username: <input type="text" name="username" size="20"><br>


Password: <input type="password" name="password" size="20"><br>
<input type="submit" value="Log In">
</form>

</body></html>
The log-in script that the above form points to:
<?php
include("config.php");

// connect to the mysql server


$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database


mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

$match = "select id from $table where username = '".$_POST['username']."'


and password = '".$_POST['password']."';";

$qry = mysql_query($match)
or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry);

if ($num_rows <= 0) {
echo "Sorry, there is no username $username with the specified password.<br>";
echo "<a href=login.html>Try again</a>";
exit;
} else {

setcookie("loggedin", "TRUE", time()+(3600 * 24));


setcookie("mysite_username", "$username");
echo "You are now logged in!<br>";
echo "Continue to the <a href=members.php>members</a> section.";
}
?>

The check cookie function on all pages in the member's area, to make sure they're logged
in:

<?php if (!isset($_COOKIE['loggedin'])) die("You are not logged in!


log in");
$mysite_username = $HTTP_COOKIE_VARS["mysite_username"];
echo "you are logged in as $mysite_username.
"; ?>

And finally, the log out script, which can just be pointed to with a regular link:

<?php

// expire cookie
setcookie ("loggedin", "", time() - 3600);

echo "You are now logged out.<br>";


echo "<a href=\"login.html\">Log in</a>.";

?>