PHP/Login Authentication/Login Form

Материал из Web эксперт
Перейти к: навигация, поиск

A More Sophisticated Login Page

   <source lang="html4strict">

<?php session_start(); if (isset($_POST["submit"])) { 

 if ($_POST["user"] == "php5" && $_POST["pass"] == "iscool") {
   $_SESSION["username"] = $_POST["user"];
   if (isset($_GET["url"])) {
     $url = $_GET["url"];
   } else {
     $url = "index.php";
   }
   if (!isset($_COOKIE[session_name()])) {
     if (strstr($url, "?")) {
       header("Location: " . $url .
         "&" . session_name() . "=" . session_id());
     } else {
       header("Location: " . $url .
         "?" . session_name() . "=" . session_id());
     }
   } else {
     header("Location: " . $url);
   }
 }

} ?> <html> <head> <title>User Authentication</title> </head> <body> <form method="post"> <input type="text" name="user" />
<input type="password" name="pass" />
<input type="submit" name="submit" value="Login" /> </form> </body> </html> 

 </source>


A Simple Login Page

   <source lang="html4strict">

<?php session_start(); if (isset($_POST["submit"])) { 

 if ($_POST["user"] == "php5" && $_POST["pass"] == "iscool") {
   $_SESSION["username"] = $_POST["user"];
 }

} ?> <html> <head> <title>User Authentication</title> </head> <body> <?php if (isset($_SESSION["username"])) { 

 echo("You are logged in!");

} else { ?> <form method="post"> <input type="text" name="user" />
<input type="password" name="pass" />
<input type="submit" name="submit" value="Login" /> </form> <?php } ?> </body> </html> 

 </source>


A Simple User Authentication Script

   <source lang="html4strict">

<html> <head> <title>User Authentication</title> </head> <body> <?php if (isset($_POST["user"]) && isset($_POST["pass"]) && 

 strtolower($_POST["user"]) == "shelley" && $_POST["pass"] == "deadline") {

?> Welcome! <?php } else { ?> Please log in! <form method="post"> User name: <input type="text" name="user" />
Password: <input type="password" name="pass" />
<input type="submit" name="Login" /> </form> <?php } ?> </body> </html> 

 </source>


Hard code login Form

   <source lang="html4strict">

<HTML> <BODY> <FORM METHOD="POST" ACTION="LoginFormAction.php">

Login Page



User Name:
<INPUT TYPE="TEXT" NAME="username" SIZE="16">

Password:
<INPUT TYPE="PASSWORD" NAME="password" SIZE="16">



<INPUT TYPE="SUBMIT" VALUE="Submit"> </FORM> </BODY> </HTML> 


      </source>


Login form with Error Messages and Preserving User Input

   <source lang="html4strict">

<?php function validate_user ($username, $password){ 

   return true;

}

// create empty array to store error messages $errors = array(); $p =& $_POST;

if (count ($p) > 0){ 

    if (!isset ($p["username"]) || (trim ($p["username"]) == "")){
         $errors[] = "You must enter a username.";
    }elseif{ ((strlen ($p["username"]) < 8) || (ereg ("[^a-zA-Z0-9]", $p["username"]))){
         $errors[] = "You did not enter a valid username. Usernames must be
                     at least eight characters long and can only contain
                     letters and digits.";
    }
    
    if (!isset ($p["password"]) || (trim ($p["password"]) == "")){
         $errors[] = "You must enter a password.";
    }elseif ((strlen ($p["password"]) < 8) || (ereg ("[^[:alnum:][:punct:][:space:]]", $p["password"]))){
         $errors[] = "You did not enter a valid password. Passwords must be
                     at least eight characters long and can only contain
                     letters, digits, punctuation and spaces.";
    }
    
    if (count ($errors) == 0) {
         $r = validate_user ($p["username"], $p["password"]);
  
         if ($r == false){
              $errors[] = "Login failed. Username/password not found.";
         } else {
              print ("<html><head><title>Congratulations</title></head>
<body>

Congratulations!

You logged in!

                     </body></html>");
              exit;
         }
    }

} ?> <html> <head><title>Login Form</title></head> <body>

Login Form

<?php 

    if (count ($errors) > 0) {
         $n = count ($errors);
         for ($i = 0; $i < $n; $i++){
              print "
" . $errors[$i] . "";
         }     
    }

?> <form action="<?php print ($PHP_SELF); ?>" method="POST">

Username: <input type="text" name="username" value="<?php if (isset ($p["username"])) print $p["username"]; ?>" />
Password: <input type="text" name="password" value="<?php if (isset ($p["password"])) print $p["password"]; ?>" />
<input type="submit" name="submit">
    <input type="hidden" name="__process_form__" value="1" />

</form> </body> </html> 

      </source>


Log-In Page

   <source lang="html4strict">

<html> 

<head>
 <title>Log-In Page</title>
</head>
<body>
Please enter your user details to log-in here...
<form action = "authenticate.php" method = "post">
Username:

<input type = "text" name = "username">



Password:

<input type = "text" name = "password">



<input type = "submit" value = "Log In">
</form>
</body>

</html> File: authenticate.php

<?php $username = $_POST["username"]; $password = $_POST["password"]; $self = $_SERVER["PHP_SELF"]; $referer = $_SERVER["HTTP_REFERER"]; if( ( !$username ) or ( !$password ) ) { header( "Location:$referer" ); exit(); } $conn=@mysql_connect( "localhost", "userName", "password" ) or die( "Could not connect" ); $rs = @mysql_select_db( "my_database", $conn ) or die( "Could not select database" ); $sql = "select * from users where user_name=\"$username\" and password = password( \"$password\" )";

$rs = mysql_query( $sql, $conn ) or die( "Could not execute query" ); $num = mysql_numrows( $rs ); if( $num != 0 ) {

$msg = "

Welcome $username - your log-in succeeded!

";

} else { 

 header( "Location:$referer" ); exit();

} ?> <html> 

<head>
 <title>Log-In Authenticated</title>
 </head>
 <body>
  <?php echo( $msg ); ?>
 </body>

</html> 

 </source>


Verifying a login cookie

   <source lang="html4strict">

<?php unset($username); if ($_COOKIE["login"]) { 

   list($c_username,$cookie_hash) = split(",",$_COOKIE["login"]);
   if (md5($c_username.$secret_word) == $cookie_hash) {
       $username = $c_username;
   } else {
       print "You have sent a bad cookie.";
   }

} if ($username) { 

   print "Welcome, $username.";

} else { 

   print "Welcome, anonymous user.";

} ?> 

 </source>


View guestbook

   <source lang="html4strict">

<html> <head> <title>View guestbook</title> </head> <body>

Latest 3 guestbook entries...

<?php $rs = @mysql_connect( "localhost", "userName", "password" )or die( "Could not connect to MySQL" ); $rs = @mysql_select_db( "my_database" ) or die( "Could not select database" ); $sql = "select * from guestbook order by time desc limit 3"; $rs = @mysql_query( $sql ) or die( "Could not execute SQL query" ); while ( $row = mysql_fetch_array( $rs ) ) { ?>

Name: <?php echo $row["name"]; ?> Email: <a href="mailto:<?php echo $row["email"]; ?>"> <?php echo $row["email"]; ?></a> 
 <?php
 $datetime = $row["time"];
 $year = substr( $datetime, 0, 4 );
 $mon  = substr( $datetime, 4, 2 );
 $day  = substr( $datetime, 6, 2 );
 $hour = substr( $datetime, 8, 2 );
 $min  = substr( $datetime, 10, 2 );
 $sec  = substr( $datetime, 12, 2 );
 $orgdate = date("l F dS, Y h:i A",mktime( $hour, $min, $sec, $mon, $day, $year ) );
 ?>
Date: <?php echo $orgdate; ?>
Comments: <?php echo $row["comments"]; ?>


<?php } ?> </body> </html> 

 </source>
Источник — «http://wbex.ru/index.php?title=PHP/Login_Authentication/Login_Form&oldid=925»