Sign in or Sign up

PHP login page Part 2 of the register/login.php.
Started by Epic


Rate this topic
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5


5 posts in this topic
[IDLE]Epic Offline
Programmers
***


IDLE
Posts: 147
Threads: 20
Joined: Thu Apr 2017
Reputation: 7

CZPoints: 0 CZP
Contributor
04-24-2017, 03:05 PM -
#1
before i start, i know this is not the best login code, so spare your comment. you can write a better one if this does not satisfy you. since this is just a tutorial to learn from.

to everyone i recommend on my last tutorial to add hashes so it wont be stored in plain text.


hi again.
i did not have any time to post this after the first tutorial, but now i have time so here we go.

so first, we do not need to setup any kind of MYSQL database in this one.
also we will not be using the process and db.php from the other project (we could have, this is just to learn tho).

so the first thing we would do is create the processlogin.php

Code:
<?php
$username = $_POST['user'];
$password = $_POST['pass'];

$username = stripcslashes($username);
$password = stripcslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
//this connects to your database
mysql_connect("yourhostipaddress", "username", "password");
mysql_select_db("database");
//here it selects columns from the database.
$result = mysql_query("select * from users where username = '$username' and password = '$password'")
            or die("Failed to Connect".mysql_error());
$row = mysql_fetch_array($result);
//here it checks if the username and the password is the same as the login information in the table.
if ($row['username'] == $username && $row['password'] == $password ) {
    echo "Login succeeded. Welcome ".$row['username'];
} else {
    echo "Failed To Login";
}
header("Location: index.php");
?>
after that rename
Code:
mysql_connect("yourhostipaddress", "username", "password");
mysql_select_db("database");
to your database information.
now we are moving onto the next file.
create a php file called login.php
and paste this code inside of it.

Code:
<form action ="processlogin.php" method ="POST">
    <div class="youclassnamehere">
    <input class="sectiondiv2" id="user" placeholder="Username" name="user" type="text" />
    </div>
        <br><br>
        <div class="youclassnamehere">
    <input class="youclassnamehere" placeholder="Password" id="pass" name="pass" type="password" />
    </div>
    
    <br>
    <!--<label><input name="Checkbox1" type="checkbox"> Remember Me?</label>--->
    <center><button type="submit" value="submit" id="login" class="youclassnamehere">Login</button><center>
    </form>
now save that file and it should be fully working, keep in mind this is not fully working login system cause it wont stay logged in forever, and there is no logout process here, but you can make that if you know how to.

thanks for watching this part of the tutorial.
hope you enjoyed it aswell.
keep having a great night/day.




Save your negative comments
say something positive!
This post was last modified: 04-24-2017, 03:08 PM by Epic.
[Image: PMBDPha.png]
Dark Offline
Junior Member
**


Registered
Posts: 49
Threads: 8
Joined: Wed Apr 2017
Reputation: 0

CZPoints: 0 CZP
04-24-2017, 03:12 PM -
#2
Thanks for posting this!
Corrupt Zone <3
WhiteHat Offline
Junior Member
**


Registered
Posts: 6
Threads: 2
Joined: Fri Apr 2017
Reputation: 0

CZPoints: 0 CZP
04-25-2017, 10:24 AM -
#3
nice tutorial.
ScorpionOfWar Offline
Super Moderator
******


Super Moderators
Posts: 239
Threads: 11
Joined: Fri Mar 2017
Reputation: 14

CZPoints: 38 CZP
Contributor
04-25-2017, 11:08 AM -
#4
Nice tutorial :)
Btw for everyone who doesnt want to search it, here is the first part: https://corrupt.zone/Thread-PHP-Mysql-register-with-php
[Image: PWXNX5p.gif]

Discord - @ScorpionOfWar#0001
[NS]Splinter Offline
~# Nulled Systems #~
***


NulledSystems
Posts: 25
Threads: 5
Joined: Sat Sep 2017
Reputation: 3

CZPoints: 21 CZP
10-03-2017, 09:22 PM -
#5
Epic,

The MySQL_connect is deprecated since php 5.5.0 and is removed since 7. also I the way you have login done you are leaving yourself open to SQL attacks.
Father Farter Offline
Junior Member
**


Registered
Posts: 1
Threads: 0
Joined: Sun Oct 2017
Reputation: 0

CZPoints: 0 CZP
10-04-2017, 09:07 PM -
#6
Quite a lot hosts support older versions of PHP , v7 isn't supported everywhere. That's what I've checked against some hosting companies.

As for the code.... Never ever do login from one page , nor avoiding hashing algo for usernames and passwords. Also , vulns are so much.... Just that first processlogin.php is doing direct call and log in to SQL server , plus , Your user & pass are plain text , no real checks , and , this code also helps a newbie to get Your DB in no time ! :O




Users browsing this thread: 1 Guest(s)