Home arrow PHP arrow Page 2 - Project Management: Authentication

Create the Table - PHP

I recently completed an article series in which we built a project management application. Every application that wants to control access to its resources has an access control mechanism that will verify if a user is allowed to use the particular application. A project management application is a good candidate for such a control. In this four-part series, we will build an authentication system for the application.

TABLE OF CONTENTS:
  1. Project Management: Authentication
  2. Create the Table
  3. The Login Code
  4. Login Code continued
By: David Web
Rating: starstarstarstarstar / 3
July 28, 2008

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

So create a table with the following SQL:

CREATE TABLE `users` (

`uid` int(11) NOT NULL auto_increment,

`name` varchar(20) NOT NULL default '',

`sname` varchar(20) NOT NULL default '',

`uname` varchar(100) NOT NULL default '',

`upass` varchar(8) NOT NULL default '',

`level` enum('admin','normal') NOT NULL default 'normal',

`last_login` datetime NOT NULL default '0000-00-00 00:00:00',

`email` varchar(100) NOT NULL default '',

PRIMARY KEY (`uid`)

) TYPE=MyISAM AUTO_INCREMENT=5 ;



Below is some sample data for the table:


INSERT INTO `users` VALUES (1, 'jack', 'dee', 'jack.dee', 'pass', 'admin', '0000-00-00 00:00:00', 'jack@dee.com');

INSERT INTO `users` VALUES (2, 'maria', 'garises', 'maria.garises', 'pass', 'normal', '0000-00-00 00:00:00', 'maria@garises.com');

INSERT INTO `users` VALUES (3, 'kine', 'brand', 'kine.brand', 'pass', 'normal', '0000-00-00 00:00:00', 'kine@brand.com');

INSERT INTO `users` VALUES (4, 'john', 'doe', 'john.doe', 'pass', 'normal', '0000-00-00 00:00:00', 'john@doe.com');


Copy and paste the above SQL in your MySQL administration application and run it. You should have a table called "users" with the sample data above. Now, let's create the login script that will run the login process for us. Create a new PHP document and add the following code:


<?php

include "dbcon.php";

include "functions.php";

//initialise variables

$err=false;

$errmsg="";


//is form submitted?

if(isset($_POST['submit'])){

//check that the form values are not empty, if so, set errormsg value

if(empty($_POST['uname'])){

$errmsg="The username field is empty, please enter a username<br>";

$err=true;

}

if(empty($_POST['upass'])){

$err=true;

$errmsg .="The password field is empty, please enter password<br>";

}


//check that the username is in correct format

if(!checkformat($_POST['uname'])){

$err=true;

$errmsg .="The username that you entered has a incorrect format.<br>";

}



//if there is no errors above, then clean the form values before using in query.

if(!$err){

$cleanuname = mysql_escape_string($_POST['uname']);

$cleanupass = mysql_escape_string($_POST['upass']);


$checkuser = "SELECT * from users WHERE uname = '".$cleanuname."' AND upass = '".$cleanupass."'";

$checkuser_res = mysql_query($checkuser);

$checkuser_num = mysql_num_rows($checkuser_res);


if($checkuser_num > 0){

//if user exists and passes authentication

//setup session variables and redirect to index page

$row = mysql_fetch_assoc($checkuser_res);

$_SESSION['name'] = $row['name']." ".$row['sname'];

$_SESSION['uid'] = $row['uid'];

$_SESSION['level'] = $row['level'];


//redirect

header("location:main.php");

}else{

//if values do not match set errmsg

$err=true;

$errmsg .="The username or password you entered does not match.<br> MYSQL ERROR ".mysql_error();

}//else


}//end $err check


} //end form submit check


?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/userauth.dwt.php" codeOutsideHTMLIsLocked="false" -->

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<!-- InstanceBeginEditable name="doctitle" -->

<title>Project Management ::Login</title>

<!-- InstanceEndEditable -->

<!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable -->

<link href="Templates/loginstyle.css" rel="stylesheet" type="text/css" />

</head>


<body>

<table width="100%" border="0">

<tr>

<td bgcolor="#6699CC" class="headertxt">Project Management:: User Authentication </td>

</tr>

<tr>

<td><!-- InstanceBeginEditable name="main" -->

<table width="100%" border="0" class="formborder">

<tr>

<td colspan="2" class="loginheader">Login</td>

</tr>

<tr>

<td colspan="2">&nbsp;</td>

</tr>

<form action="login.php" method="post" name="f1" class="formborder">

<?php if(isset($errmsg)){?>

<tr>

<td colspan="2" class="errmsg" ><?php echo $errmsg; ?></td>

</tr>

<tr>

<td colspan="2">&nbsp;</td>

</tr>

<tr>

<?php

}

?>

<td width="10%" valign="bottom"><strong>Username:</strong></td>

<td width="90%"><label>

<input name="uname" type="text" class="login" id="uname" size="40" />

</label></td>

</tr>

<tr>

<td valign="bottom"><strong>Password:</strong></td>

<td><label>

<input name="upass" type="password" class="login" id="upass" size="40" />

</label></td>

</tr>

<tr>

<td>&nbsp;</td>

<td><a href="password.php">Forgot your password?</a> </td>

</tr>

<tr>

<td>&nbsp;</td>

<td><label>

<input name="submit" type="submit" id="submit" value="Log me in!" />

</label></td>

</tr>

</form>

</table>

<!-- InstanceEndEditable --></td>

</tr>

<tr>

<td align="right" class="cright">copyright &copy; 2007 PM </td>

</tr>

</table>

</body>

<!-- InstanceEnd --></html>






 
 
>>> More PHP Articles          >>> More By David Web
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: