Problem regarding user registration.

bbilal · #1 10-11-2007, 11:42 PM

I have created a MYSQL database and a form on dreamweaver with all the fields I have mentioned in database but what I have to do to make people register with the form I mean to say if a person fill the form and click on submit OR register how can all the data will go in database I have created?

thetestingsite · #2 10-11-2007, 11:44 PM

You would need a server side code (php, asp, etc) to process the form data and insert in the database. http://www.php-mysql-tutorial.com has some good tutorials on this.

Hope this helps.

bbilal · #3 10-11-2007, 11:48 PM

I know this site but I think this is not mentioned in this tutorial about server side code where can I have that code?

tech_support · #4 10-12-2007, 12:32 AM

You have to actually make it

That's why it's called... a "TUTORIAL".

Edit:

Here's a simple login script that I made:

1. Save this as login.php

PHP Code:


			
<?php
session_start();

$dbuser = ''; //Database Username
$dbpass = ''; //Database Password
$dbhost = ''; //Database Host
$db = ''; //Database

mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($db);

/* PLEASE REMOVE THIS AFTER YOU HAVE RUN ?setup=true */

if (isset($_GET['setup']))    {

$sql = 'CREATE TABLE `users` (`user` TEXT NOT NULL, `pass` TEXT NOT NULL, `email` TEXT NOT NULL) ENGINE = InnoDB';
mysql_query($sql) or die(mysql_error());
echo 'Table created. Remember to remove the ?setup part in the source page.';
die();
}

/* PLEASE REMOVE THIS PART AFTER YOU HAVE RUN ?setup=true */

$errMsg = 'Please enter your username and password to begin.';
$showForm=1;

if (isset($_GET['register']))    {
    $errMsg = 'Register here...';
}

if (isset($_SESSION['errMsg']))    {
    $errMsg = $_SESSION['errMsg'];
    unset($_SESSION['errMsg']);
}
if (isset($_POST['Login']))    {
    $user = $_POST['user'];
    $pass = md5(md5(md5($_POST['pass'])));
    
    $sql = "SELECT * FROM `users` WHERE user='$user' AND pass='$pass'";
    $result = mysql_query($sql);
    $row = mysql_fetch_assoc($result);
    if ($row['pass'] == $pass && $row['user'] == $user)    {
        $errMsg = 'Thanks for logging in!';
        $ip = $_SERVER['REMOTE_ADDR'];
        $ip = substr($ip,0,strrpos($ip,'.'));
        $_SESSION['logged'] = $row['user'];
        $_SESSION['pass'] = $row['pass'];
        $_SESSION['auth'] = md5($row['user'].$row['pass'].$ip);
        header('location:'.$_SERVER['PHP_SELF']);
    }
    else    {
        $errMsg = 'Incorrect username/password.';
    }
}
elseif (isset($_POST['Register']))    {
    $user = $_POST['user'];
    $pass = md5(md5(md5($_POST['pass'])));
    $passco = md5(md5(md5($_POST['pass-confirm'])));
    $email = $_POST['email'];
    
    $sql = "SELECT * FROM `users` WHERE user='$user'";
    $row = mysql_query($sql);
    
    if (mysql_num_rows($row) != 0)    {
        $errMsg = 'User taken. You can login now using the form below.';
    }
    elseif ($pass != $passco)    {
        $errMsg = 'Passwords don\'t match.';
    }
    //ereg pattern thanks to http://www.ilovejackdaniels.com/php/email-address-validation
    elseif (!ereg('^[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9](.[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])+$',$email))    {
        $errMsg = 'You haven\'t provided us with a valid email address.';
    }
    else    {
        $sql = "INSERT INTO `users`(user,pass,email) VALUES('$user','$pass','$email')";
        mysql_query($sql) or die(mysql_error());
        $_SESSION['errMsg'] = 'User created.';
        $showForm=0;
        header('location:'.$_SERVER['PHP_SELF']);
    }
}

if (isset($_GET['logout']))    {
    session_destroy(); //Destroys the session, aka. all data in the $_SESSION array, eg. username, password etc.
    session_start(); //Starts the session all over again
    $errMsg = 'You have been logged out.';
}
//Sets the user
$user = isset($_SESSION['logged']) ? $_SESSION['logged'] : '';
//Sets the pass
$pass = isset($_SESSION['pass']) ? $_SESSION['pass'] : '';
//Checks if the user is logged in and on the same computer...
$ip = $_SERVER['REMOTE_ADDR'];
$ip = substr($ip,0,strrpos($ip,'.'));
if (!isset($_SESSION['logged']) || md5($user.$pass.$ip) != $_SESSION['auth'])    {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Login</title>
</head>

<body>
<?php
if (isset($_GET['register']))    {
echo $errMsg;
if ($showForm!=0)    {
?>

<form name="register" method="post" action="?register=true">
    <p>
      <label>Username: <input type="text" name="user" value="<?php echo isset($_POST['user']) ? $_POST['user'] : ''; ?>"></label>
    </p>
    <p>
      <label>Password: <input type="password" name="pass"></label>
    </p>
    <p>
      <label>and again: <input type="password" name="pass-confirm"></label>
    <p>
    <p>
      <label>E-Mail: <input type="text" name="email" value="<?php echo isset($_POST['email']) ? $_POST['email'] : ''; ?>"></label>
    </p>
    <p>
      <label><input type="submit" name="Register" value="Register"></label>
    </p>
</form>

<?php
}
} else    {
echo $errMsg; // Echoes the error message.
?>
<form name="login" method="post" action="">
    <p>
      <label>Username: <input type="text" name="user"></label>
    </p>
    <p>
      <label>Password: <input type="password" name="pass"></label>
    </p>
    <p>
      <label><input type="submit" name="Login" value="Login"></label>
    </p>
    <p><a href="?register=true">Register</a></p>
</form>
<?php } ?>
</body>
</html>
<?php
die(); //Stops outputting anything else.
}
?>

2. In the pages you want to be secure, put this in:

PHP Code:


			
<?php include('login.php'); ?>

It'll display the login form when a person isn't logged in.

3. Goto: login.php?setup=true after you have configured your database stuff in the code

4. Remove the section where it tells you to.

5. Try registering/logging in.

bbilal · #5 10-12-2007, 08:54 PM

Oh thank you so much!

remp · #6 10-12-2007, 09:03 PM

Hello... can anyone tell me what are the advantages of having a user registration... and what services can you offer to those who register? (the most common services...) Thanks

boogyman · #7 10-12-2007, 09:12 PM

Quote:

Originally Posted by remp

Hello... can anyone tell me what are the advantages of having a user registration... and what services can you offer to those who register? (the most common services...) Thanks

you can offer anything and/or everything, however any time you need to store information beyond just a session, a database should be used.

Usually a tier system is a good idea, where you give a global version of the site that anyone can view, a free version where people can register and may contain some proprietary / sensitive information and/or paid version, which is based upon a user giving money to the site (eg donation, monthly payment, yearly payment, etc...)

basically it just depends on how you want to construct your site and what privileges you would like your users to have.

djr33 · #8 10-12-2007, 10:54 PM

User registration allows you some idea of who a visitor is, and how they acquired an account. Is it paid? Is it free? Do you store their email? Credit card? Social security number? Username? IP?

It allows:
Identification (such as posting on a forum)
Limited access / Modified access / Full access (as described above)
Security to some degree (such as admins who can upload files)
Contact options (email, PM)
Data storage/retrieval (very important, and many many uses)
[indirectly] Connectivity between users, beyond what just an IP can offer
Tracking (for security, hackers, or even malicious information gathering)
A feeling of security for the user (whether or not it actually means something)

To summarize: Storage, Identification, Security/Access.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search