Skrip Login PHP

Kami akan membuat sistem login sederhana menggunakan kode PHP di halaman kami, dan database MySQL untuk menyimpan informasi pengguna kami. Kami akan melacak pengguna yang masuk dengan cookie .

Sebelum kita dapat membuat skrip login, pertama-tama kita perlu  membuat database  untuk menyimpan pengguna. Untuk tujuan tutorial ini, kita hanya memerlukan bidang "nama pengguna" dan "kata sandi", namun Anda dapat membuat bidang sebanyak yang Anda inginkan.

 CREATE TABLE users (ID MEDIUMINT NOT NULL AUTO_INCREMENT PRIMARY KEY, username VARCHAR(60), password VARCHAR(60)) 

Ini akan membuat database yang disebut  pengguna  dengan 3 bidang: ID, nama pengguna, dan kata sandi.

Halaman Pendaftaran 1

 <?php 
 // Connects to your Database 

 mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error()); 

 mysql_select_db("Database_Name") or die(mysql_error()); 


 //This code runs if the form has been submitted

 if (isset($_POST['submit'])) { 



 //This makes sure they did not leave any fields blank

 if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {

   die('You did not complete all of the required fields');

  }



 // checks if the username is in use

  if (!get_magic_quotes_gpc()) {

   $_POST['username'] = addslashes($_POST['username']);

  }

 $usercheck = $_POST['username'];

 $check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") 

or die(mysql_error());

 $check2 = mysql_num_rows($check);



 //if the name exists it gives an error

 if ($check2 != 0) {

   die('Sorry, the username '.$_POST['username'].' is already in use.');

     }


 // 
this makes sure both passwords entered match

  if ($_POST['pass'] != $_POST['pass2']) {

   die('Your passwords did not match. ');

  }



  // here we encrypt the password and add slashes if needed

  $_POST['pass'] = md5($_POST['pass']);

  if (!get_magic_quotes_gpc()) {

   $_POST['pass'] = addslashes($_POST['pass']);

   $_POST['username'] = addslashes($_POST['username']);

    }



 // now we insert it into the database

  $insert = "INSERT INTO users (username, password)

    VALUES ('".$_POST['username']."', '".$_POST['pass']."')";

  $add_member = mysql_query($insert);

  ?>



 
 <h1>Registered</h1>

 <p>Thank you, you have registered - you may now login</a>.</p>

Registration Page 2

 <?php 
 } 

 else 
 { 
 ?>


 
 <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

 <table border="0">

 <tr><td>Username:</td><td>

 <input type="text" name="username" maxlength="60">

 </td></tr>

 <tr><td>Password:</td><td>

 <input type="password" name="pass" maxlength="10">

 </td></tr>

 <tr><td>Confirm Password:</td><td>

 <input type="password" name="pass2" maxlength="10">

 </td></tr>

 <tr><th colspan=2><input type="submit" name="submit" 
value="Register"></th></tr> </table>

 </form>


 <?php

 }
 ?> 


                 



                 
The Login Page 1
 <?php 

 // Connects to your Database 

 mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error()); 

 mysql_select_db("Database_Name") or die(mysql_error()); 


 //Checks if there is a login cookie

 if(isset($_COOKIE['ID_my_site']))


 //if there is, it logs you in and directes you to the members page

 { 
  $username = $_COOKIE['ID_my_site']; 

  $pass = $_COOKIE['Key_my_site'];

    $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());

  while($info = mysql_fetch_array( $check ))  

   {

   if ($pass != $info['password']) 

    {

        }

   else

    {

    header("Location: members.php");



    }

   }

 }


 //if the login form is submitted 

 if (isset($_POST['submit'])) { // if form has been submitted



 // makes sure they filled it in

  if(!$_POST['username'] | !$_POST['pass']) {

   die('You did not fill in a required field.');

  }

  // checks it against the database



  if (!get_magic_quotes_gpc()) {

   $_POST['email'] = addslashes($_POST['email']);

  }

  $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());



 //Gives error if user dosen't exist

 $check2 = mysql_num_rows($check);

 if ($check2 == 0) {

   die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');

     }

 while($info = mysql_fetch_array( $check ))  

 {

 $_POST['pass'] = stripslashes($_POST['pass']);

  $info['password'] = stripslashes($info['password']);

  $_POST['pass'] = md5($_POST['pass']);



 //gives error if the password is wrong

  if ($_POST['pass'] != $info['password']) {

   die('Incorrect password, please try again.');

  }


                 



                 
The Login Page 2

else 

 { 

 
 // if login is ok then we add a cookie 

   $_POST['username'] = stripslashes($_POST['username']); 

   $hour = time() + 3600; 

 setcookie(ID_my_site, $_POST['username'], $hour); 

 setcookie(Key_my_site, $_POST['pass'], $hour);  

 

 //then redirect them to the members area 

 header("Location: members.php"); 

 } 

 } 

 } 

 else 

{  

 

 // if they are not logged in 

 ?> 

 <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 

 <table border="0"> 

 <tr><td colspan=2><h1>Login</h1></td></tr> 

 <tr><td>Username:</td><td> 

 <input type="text" name="username" maxlength="40"> 

 </td></tr> 

 <tr><td>Password:</td><td> 

 <input type="password" name="pass" maxlength="50"> 

 </td></tr> 

 <tr><td colspan="2" align="right"> 

 <input type="submit" name="submit" value="Login"> 

 </td></tr> 

 </table> 

 </form> 

 <?php 

 } 

 

 ?> 


                 
 The full code can be found on GitHub: https://github.com/Goatella/Simple-PHP-Login


                 
This script first checks to see if the login information is contained in a cookie on the users computer. If it is, it tries to log them in. If this is successful they are redirected to the members area.


                 
If there is no cookie, it allows them to login. If the form has been submitted, it checks it against the database and if it was successful sets a cookie and takes them to the members area. If it has not been submitted, it shows them the login form.

Area Anggota

 <?php 

 // Connects to your Database 

 mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error()); 

 mysql_select_db("Database_Name") or die(mysql_error()); 

 
 //checks cookies to make sure they are logged in 

 if(isset($_COOKIE['ID_my_site'])) 

 { 

  $username = $_COOKIE['ID_my_site']; 

  $pass = $_COOKIE['Key_my_site']; 

    $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); 

  while($info = mysql_fetch_array( $check ))   

   { 

 

 //if the cookie has the wrong password, they are taken to the login page 

   if ($pass != $info['password']) 

    {    header("Location: login.php"); 

    } 

 

 //otherwise they are shown the admin area  

  else 

    { 

     echo "Admin Area<p>"; 

 echo "Your Content<p>"; 

 echo "<a href=logout.php>Logout</a>"; 

    } 

   } 

   } 

 else 

 

 //if the cookie does not exist, they are taken to the login screen 

 {    

 header("Location: login.php"); 

 } 

 ?> 

Kode ini memeriksa  cookie kami  untuk memastikan pengguna masuk, sama seperti halaman login. Jika mereka masuk, mereka diperlihatkan area anggota. Jika mereka tidak masuk, mereka  dialihkan  ke halaman masuk.

Pastikan untuk mengunduh kode lengkap di GitHub:  https://github.com/Goatella/Simple-PHP-Login

Halaman Keluar

 <?php 

 $past = time() - 100; 

 //this makes the time in the past to destroy the cookie 

 setcookie(ID_my_site, gone, $past); 

 setcookie(Key_my_site, gone, $past); 

 header("Location: login.php"); 

 ?> 

Semua yang dilakukan halaman logout kami adalah  menghancurkan cookie , lalu mengarahkannya kembali ke halaman login. Kami menghancurkan cookie dengan menyetel kedaluwarsa ke beberapa waktu di masa lalu.