Support Forums
[Tutorial] - User Authentication - Printable Version

+- Support Forums (https://www.supportforums.net)
+-- Forum: Categories (https://www.supportforums.net/forumdisplay.php?fid=87)
+--- Forum: Coding Support Forums (https://www.supportforums.net/forumdisplay.php?fid=18)
+---- Forum: PHP The Hypertext Preprocessor (https://www.supportforums.net/forumdisplay.php?fid=21)
+---- Thread: [Tutorial] - User Authentication (/showthread.php?tid=4506)



[Tutorial] - User Authentication - Gaijin - 01-25-2010

Introduction:
In this Tutorial, I will try to show you how to create a User Authentication System.
I will use MySql to store user data to and also read from it.. Therefor you need access to a MySql Database. ;)

The script that I will try to teach you with, has functions as;
Sign Up, Login/Logout, Edit Profile, View profile and Administrator functions, Add User, Edit User, Delete User.
And I also decided to put a comment script in here too, your users can write comments on each profiles...
The whole project is split into multiple files, for the sake of better maintance.


Requirements:
  • PHP and MySql enabled Host
  • Basic understainding of PHP
  • You need to know how to create a Table in your Database Big Grin

Files:
  • config.inc.php # this file contains a code which connects to, by $config defined information.
  • index.php # this is our main file which checks for $_GET requests and then includes the right file.
  • signup.php # here we will handle user registrations.
  • login.php # with this file we allow the user to login to hise/her account.
  • admin.php # this file is same as index.php, it is only not avaliable to the public.
  • ucp.php # this file is included when the user wants to edit his/her profile. It shows a simple User control panel.
  • profile.php # with this file we load the requested user and show his/her profile.
  • comment.php # this will handle the comment script, it loads given id and prints out comments for the same.
  • admin/add.php # this file adds a user when requested.
  • admin/edit.php # functions for editing requested user.
  • admin/delete.php # this one is very simple, it just deletes the wanted user.
  • list.php # this is our member list, it will load all members and print them out

Note: I will follow the list above and explain the files in their order..

PART 1: Creating MySql Tables (Click to View)

PART 2: Writing the MySql Connection Script (Click to View)

PART 3: Writing the main Index (Click to View)

PART 4: Writing the Sign Up script (Click to View)

PART 5: Allowing your users to Login (Click to View)

PART 6: Writing the administration Area (Click to View)

PART 7: User Control panel (Click to View)

PART 8: Profile Page (Click to View)

PART 9: The Comment Script (Click to View)

PART 10: Giving the Admin some Powers (Click to View)

PART 11: Creating a Member List (Click to View)

PART 12: Useful Information (Click to View)

I hope this tutoial have showed you how to work with MySql using PHP...
It's 03:23 AM and I'm tired, my keyboard batteries also give up on me, good night and good luck learning...
Blackhat


RE: [Tutorial] - User Authentication - Spl3en - 01-29-2010

Awesome tutorial !!

Your SQL requests can injected (COOKIES and GET), but i guess that security is not the goal of this tutorial...
Keep up the good work MoTU Smile


RE: [Tutorial] - User Authentication - Gaijin - 01-29-2010

(01-29-2010, 01:07 PM)Spl3en Wrote: Awesome tutorial !!

Your SQL requests can injected (COOKIES and GET), but i guess that security is not the goal of this tutorial...
Keep up the good work MoTU Smile

Thanks Spl3en... Big Grin
I left the security away from this, so people can learn by them self... Security isn't a copy & paste thing... while this tutorial can just be that... ;)


RE: [Tutorial] - User Authentication - Spl3en - 01-31-2010

I see what you mean, and i agree Smile
Really good job there Smile


RE: [Tutorial] - User Authentication - Gaijin - 01-31-2010

Thanks man, means alot ;)


RE: [Tutorial] - User Authentication - tacolord455 - 02-05-2010

I got

Warning: require_once(connect.inc.php) [function.require-once]: failed to open stream: No such file or directory in /home/freecomp/public_html/testing/index.php on line 3

Fatal error: require_once() [function.require]: Failed opening required 'connect.inc.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/freecomp/public_html/testing/index.php on line 3

Can you tell me what I did wrong please?


RE: [Tutorial] - User Authentication - Gaijin - 02-05-2010

(02-05-2010, 05:44 AM)tacolord455 Wrote: I got

Warning: require_once(connect.inc.php) [function.require-once]: failed to open stream: No such file or directory in /home/freecomp/public_html/testing/index.php on line 3

Fatal error: require_once() [function.require]: Failed opening required 'connect.inc.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/freecomp/public_html/testing/index.php on line 3

Can you tell me what I did wrong please?

Obviously, you don't have the file connect.inc.php..
Chnage the file config.inc.php to connect.inc.php...
Sorry that was my mistake...


RE: [Tutorial] - User Authentication - tacolord455 - 02-05-2010

Works great now, thanks. Could you do a tut on how to make it more secure now? That would be a huge help.


RE: [Tutorial] - User Authentication - Gaijin - 02-05-2010

(02-05-2010, 12:54 PM)tacolord455 Wrote: Works great now, thanks. Could you do a tut on how to make it more secure now? That would be a huge help.

Sure man, Will be up a day or 2... Check back ;)

Thank you!


RE: [Tutorial] - User Authentication - Unwanted - 04-11-2010

Why are you not escaping your query's to the database that allow the user to add their own text? Tongue