Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[Tutorial] - User Authentication
#1
Introduction:
In this Tutorial, I will try to show you how to create a User Authentication System.
I will use MySql to store user data to and also read from it.. Therefor you need access to a MySql Database. ;)

The script that I will try to teach you with, has functions as;
Sign Up, Login/Logout, Edit Profile, View profile and Administrator functions, Add User, Edit User, Delete User.
And I also decided to put a comment script in here too, your users can write comments on each profiles...
The whole project is split into multiple files, for the sake of better maintance.


Requirements:
  • PHP and MySql enabled Host
  • Basic understainding of PHP
  • You need to know how to create a Table in your Database Big Grin

Files:
  • config.inc.php # this file contains a code which connects to, by $config defined information.
  • index.php # this is our main file which checks for $_GET requests and then includes the right file.
  • signup.php # here we will handle user registrations.
  • login.php # with this file we allow the user to login to hise/her account.
  • admin.php # this file is same as index.php, it is only not avaliable to the public.
  • ucp.php # this file is included when the user wants to edit his/her profile. It shows a simple User control panel.
  • profile.php # with this file we load the requested user and show his/her profile.
  • comment.php # this will handle the comment script, it loads given id and prints out comments for the same.
  • admin/add.php # this file adds a user when requested.
  • admin/edit.php # functions for editing requested user.
  • admin/delete.php # this one is very simple, it just deletes the wanted user.
  • list.php # this is our member list, it will load all members and print them out

Note: I will follow the list above and explain the files in their order..

PART 1: Creating MySql Tables (Click to View)

PART 2: Writing the MySql Connection Script (Click to View)

PART 3: Writing the main Index (Click to View)

PART 4: Writing the Sign Up script (Click to View)

PART 5: Allowing your users to Login (Click to View)

PART 6: Writing the administration Area (Click to View)

PART 7: User Control panel (Click to View)

PART 8: Profile Page (Click to View)

PART 9: The Comment Script (Click to View)

PART 10: Giving the Admin some Powers (Click to View)

PART 11: Creating a Member List (Click to View)

PART 12: Useful Information (Click to View)

I hope this tutoial have showed you how to work with MySql using PHP...
It's 03:23 AM and I'm tired, my keyboard batteries also give up on me, good night and good luck learning...
Blackhat
Reply
#2
Awesome tutorial !!

Your SQL requests can injected (COOKIES and GET), but i guess that security is not the goal of this tutorial...
Keep up the good work MoTU Smile
Reply
#3
(01-29-2010, 01:07 PM)Spl3en Wrote: Awesome tutorial !!

Your SQL requests can injected (COOKIES and GET), but i guess that security is not the goal of this tutorial...
Keep up the good work MoTU Smile

Thanks Spl3en... Big Grin
I left the security away from this, so people can learn by them self... Security isn't a copy & paste thing... while this tutorial can just be that... ;)
Reply
#4
I see what you mean, and i agree Smile
Really good job there Smile
Reply
#5
Thanks man, means alot ;)
Reply
#6
I got

Warning: require_once(connect.inc.php) [function.require-once]: failed to open stream: No such file or directory in /home/freecomp/public_html/testing/index.php on line 3

Fatal error: require_once() [function.require]: Failed opening required 'connect.inc.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/freecomp/public_html/testing/index.php on line 3

Can you tell me what I did wrong please?
Reply
#7
(02-05-2010, 05:44 AM)tacolord455 Wrote: I got

Warning: require_once(connect.inc.php) [function.require-once]: failed to open stream: No such file or directory in /home/freecomp/public_html/testing/index.php on line 3

Fatal error: require_once() [function.require]: Failed opening required 'connect.inc.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/freecomp/public_html/testing/index.php on line 3

Can you tell me what I did wrong please?

Obviously, you don't have the file connect.inc.php..
Chnage the file config.inc.php to connect.inc.php...
Sorry that was my mistake...
Reply
#8
Works great now, thanks. Could you do a tut on how to make it more secure now? That would be a huge help.
Reply
#9
(02-05-2010, 12:54 PM)tacolord455 Wrote: Works great now, thanks. Could you do a tut on how to make it more secure now? That would be a huge help.

Sure man, Will be up a day or 2... Check back ;)

Thank you!
Reply
#10
Why are you not escaping your query's to the database that allow the user to add their own text? Tongue
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [Guide] A Different Approach To Authentication Disease 5 2,102 12-06-2010, 01:20 AM
Last Post: Chimi
  User Management Script - User Cake Support 9 5,612 05-13-2010, 03:21 PM
Last Post: Julie

Forum Jump:


Users browsing this thread: 7 Guest(s)