PHP/Login Authentication/User Registration
Adding a User
<source lang="html4strict">
<html> <body> <?php $self = $_SERVER["PHP_SELF"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $username = $_POST["username"]; $password = $_POST["password"]; if( (!$firstname) or (!$lastname) or (!$username) or (!$password) ) {
$form ="Please enter all new user details..."; $form.="<form action=\"$self\""; $form.=" method=\"post\">First Name: "; $form.="<input type=\"text\" name=\"firstname\""; $form.=" value=\"$firstname\">
Last Name: "; $form.="<input type=\"text\" name=\"lastname\""; $form.=" value=\"$lastname\">
User Name: "; $form.="<input type=\"text\" name=\"username\""; $form.=" value=\"$username\">
Password: "; $form.="<input type=\"text\" name=\"password\""; $form.=" value=\"$password\">
"; $form.="<input type=\"submit\" value=\"Submit\">"; $form.="</form>"; echo($form);
} else {
$conn = @mysql_connect("localhost","root", "") or die("Could not connect to MySQL"); $db = @mysql_select_db("my_database",$conn) or die("Could not select database"); $sql = "insert into users (first_name,last_name,user_name,password)values (\"$firstname\",\"$lastname\",\"$username\",password(\"$password\") )"; $result = @mysql_query($sql,$conn)or die("Could not execute query"); if($result){ echo("New user $username added"); }
} ?> </body></html>
</source>
A user registration process
<source lang="html4strict">
create table user_info ( user_id char(18), fname char(15), email char(35));
//File: index.php
<?
$form = "
<form action=\"index.php\" method=\"post\">
<input type=\"hidden\" name=\"seenform\" value=\"y\">
Your first name?:
<input type=\"text\" name=\"fname\" value=\"\">
Your email?:
<input type=\"text\" name=\"email\" value=\"\">
<input type=\"submit\" value=\"Register!\">
</form>
";
if ((! isset ($seenform)) && (! isset ($userid))) :
print $form;
elseif (isset ($seenform) && (! isset ($userid))) :
$uniq_id = uniqid(rand()); @mysql_pconnect("localhost", "root", "") or die("Could not connect to MySQL server!"); @mysql_select_db("user") or die("Could not select user database!"); $query = "INSERT INTO user_info VALUES("$uniq_id", "$fname", "$email")"; $result = mysql_query($query) or die("Could not insert user information!"); setcookie ("userid", $uniq_id, time()+2592000); print "Congratulations $fname! You are now registered!.";
elseif (isset($userid)) :
@mysql_pconnect("localhost", "root", "") or die("Could not connect to MySQL server!"); @mysql_select_db("user") or die("Could not select user database!"); $query = "SELECT * FROM user_info WHERE user_id = "$userid""; $result = mysql_query($query) or die("Could not extract user information!"); $row = mysql_fetch_array($result); print "Hi ".$row["fname"].",
"; print "Your email address is ".$row["email"];
endif; ?>
</source>