Post: [TUT] [PHP + MYSQL] Registeration + login form
Options
10-25-2010, 01:03 AM
#1
Securing_Bravo
~ The Graphics Room ~
Note : I have not made this.I was surfing on the internet and got this...thought it was usefull therefore posted it here.
We have to make some difference files here.. So I hope you know the basics of webcoding.. And MySQL database since we have to make some tables..
We need this!
- A registration form
- A login form
- Backend to registration form
- Backend to login form
4 files.
We are going to start with the easiest files which are the 2 html forms. Since these forms are basic html, I'm not going to explain what is happening. If anyone really need some help here, tell me.
The first form we are going to make is the registration form.
To this we need notepad. A tool every windows have. Before we begin, save it as "registration.html"
We have to make 4 input boxes named: name, email, username & password. Here is my setup:
<form name="login" method="post" action="register.php">
<table border="0" width="225" align="center">
<tr>
<td width="219" bgcolor="#999999">
<p align="center"><font color="white"><span style="font-size:12pt;"><b>Registration</b></span></font></p>
</td>
</tr>
<tr>
<td width="219">
<table border="0" width="282" align="center">
<tr>
<td width="116"><span style="font-size:10pt;">Name:</span></td>
<td width="156"><input type="text" name="name" maxlength="100"></td>
</tr>
<tr>
<td width="116"><span style="font-size:10pt;">Email:</span></td>
<td width="156"><input type="text" name="email" maxlength="100"></td>
</tr>
<tr>
<td width="116"><span style="font-size:10pt;">Username:</span></td>
<td width="156"><input type="text" name="username"></td>
</tr>
<tr>
<td width="116"><span style="font-size:10pt;">Password:</span></td>
<td width="156"><input type="password" name="password"></td>
</tr>
<tr>
<td width="116"> </td>
<td width="156">
<p align="right"><input type="submit" name="submit" value="Submit"></p>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td width="219" bgcolor="#999999"> </td>
</tr>
</table>
</form>
That was the registration form..
Now, create a new file and name this on login.html. Only 2 boxes are needed here: username & password.
<form name="login" method="post" action="login.php">
<table border="0" width="225" align="center">
<tr>
<td width="219" bgcolor="#999999">
<p align="center"><font color="white"><span style="font-size:12pt;"><b>Login</b></span></font></p>
</td>
</tr>
<tr>
<td width="219">
<table border="0" width="220" align="center">
<tr>
<td width="71"><span style="font-size:10pt;">Username:</span></td>
<td width="139"><input type="text" name="username"></td>
</tr>
<tr>
<td width="71"><span style="font-size:10pt;">Password:</span></td>
<td width="139"><input type="password" name="password"></td>
</tr>
<tr>
<td width="71"> </td>
<td width="139">
<p align="right"><input type="submit" name="submit" value="Submit"></p>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td width="219" bgcolor="#999999"><font color="white">Not Registered? </font><a href="register.html" target="_self"><font color="white">Register</font></a><font color="white"> </font><b><i><font color="white">Now!</font></i></b></td>
</tr>
</table>
</form>
(Remember to save both)
That was the forms.. Now we will setup the tables in MySQL..
Make it look like this:
CREATE TABLE users (
userid int(25) NOT NULL auto_increment,
name varchar(25) NOT NULL default '',
email varchar(255) NOT NULL default '',
username varchar(25) NOT NULL default '',
password varchar(255) NOT NULL default '',
PRIMARY KEY (userid),
UNIQUE KEY username (username)
) TYPE=MyISAM COMMENT='Members';
Tell if you need help..
Now we are going to create the registration.php
Create that file in notepad, and save..
This will work with the databases and registration.htm page.
The first thing we will need to do is connect to our database.
//Database Information
$dbhost = "localhost";
$dbname = "your database name";
$dbuser = "username";
$dbpass = "yourpass";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
Now that the script can connect to the database, it needs to collect all the information from the .html form.
$name = $_POST['name'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = $_POST['password'];
Now it will work.. But what is a site without secure..
That means that you , and everyone else that opens the database can see every password, username, mail and so on..
So what we do now is to make it encrypt the info using md5. How great.
We will need to change the above to:
$name = $_POST['name'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = md5($_POST['password']);
Can you see the difference.. Good..
Now, we need to add a code to be sure not getting mass bugs.. Like if all users used the same name.. That would be a perfect bug, or not..
So lets add a code that checks the database for if the chosen username is taken..
$checkuser = mysql_query("SELECT username FROM users WHERE username='$username'");
$username_exist = mysql_num_rows($checkuser);
if($username_exist > 0){
echo "I'm sorry but the username you specified has already been taken. Please pick another one.";
unset($username);
include 'register.html';
exit();
}
Now, we will do so it will tell that the user have successfully registered.
$query = "INSERT INTO users (name, email, username, password)
VALUES('$name', '$email', '$username', '$password'
";
mysql_query($query) or die(mysql_error());
mysql_close();
echo "You have successfully Registered";
Now we will add a code that will send the user emails hes/hers account details..
You will need to edit the yoursite, webmaster and youremail variables below.
$yoursite = ‘www.blahblah.com’;
$webmaster = ‘yourname’;
$youremail = ‘youremail’;
$subject = "You have successfully registered at $yoursite...";
$message = "Dear $name, you are now registered at our web site.
To login, simply go to our web page and enter in the following details in the login form:
Username: $username
Password: $password
Please print this information out and store it for future reference.
Thanks,
$webmaster";
mail($email, $subject, $message, "From: $yoursite <$youremail>\nX-Mailer
HP/" . phpversion());
echo "Your information has been mailed to your email address.";
?>
Then save the register.php script!
Now we will create the final file, the login.php file. This will check to see if the user has entered the correct information and then validate them.
First we must connect to database..
//Database Information
$dbhost = "localhost";
$dbname = "your database name";
$dbuser = "username";
$dbpass = "yourpass";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
Now the script needs to start the session, grab the variables from the login form and then check the database to make sure they are correct.
session_start();
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);
$query = “select * from users where username=’$username’ and password=’$password’”;
$result = mysql_query($query);
If they don’t match, display the error and the login form again.
Add this..
if (mysql_num_rows($result) != 1) {
$error = “Bad Login”;
include “login.html”;
If they do match, begin the session and include the members page.
Add this..
} else {
$_SESSION[‘username’] = “$username”;
include “memberspage.php”;
}
?>
[multipage=register.php]
That’s it! Now for the full code:
register.php
<?PHP
//Database Information
$dbhost = "localhost";
$dbname = "your database name";
$dbuser = "username";
$dbpass = "yourpass";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
$name = $_POST['name'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = md5($_POST['password']);
// lets check to see if the username already exists
$checkuser = mysql_query("SELECT username FROM users WHERE username='$username'");
$username_exist = mysql_num_rows($checkuser);
if($username_exist > 0){
echo "I'm sorry but the username you specified has already been taken. Please pick another one.";
unset($username);
include 'register.html';
exit();
}
// lf no errors present with the username
// use a query to insert the data into the database.
$query = "INSERT INTO users (name, email, username, password)
VALUES('$name', '$email', '$username', '$password'";
mysql_query($query) or die(mysql_error());
mysql_close();
echo "You have successfully Registered";
// mail user their information
$yoursite = ‘www.blahblah.com’;
$webmaster = ‘yourname’;
$youremail = ‘youremail’;
$subject = "You have successfully registered at $yoursite...";
$message = "Dear $name, you are now registered at our web site.
To login, simply go to our web page and enter in the following details in the login form:
Username: $username
Password: $password
Please print this information out and store it for future reference.
Thanks,
$webmaster";
mail($email, $subject, $message, "From: $yoursite <$youremail>\nX-MailerHP/" . phpversion());
echo "Your information has been mailed to your email address.";
?>
[multipage=Login.php]
login.php
<?php
//Database Information
$dbhost = "localhost";
$dbname = "your database name";
$dbuser = "username";
$dbpass = "yourpass";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
session_start();
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);
$query = “select * from users where username=’$username’ and password=’$password’”;
$result = mysql_query($query);
if (mysql_num_rows($result) != 1) {
$error = “Bad Login”;
include “login.html”;
} else {
$_SESSION[‘username’] = “$username”;
include “memberspage.php”;
}
?>
Happy coding!
-
Securing_Bravo
The following user thanked Securing_Bravo for this useful post:
Copyright © 2026, NextGenUpdate.
All Rights Reserved.
