PDA

View Full Version : PHP/MySQL user/login script needed. Ideas?




Dimwhit
Apr 29, 2008, 07:07 PM
Hey all,

I'm going to be setting up a new website for my company, and I'm going to be needed a site-wide user registration/login system. I have one that I found online and modified a bit for my current site, but it's not particularly robust. I could probably adapt it. But I'm wondering if anyone knows of a good, reasonably-easy to install system. I don't mind paying a little bit if needed, either.

Any ideas or suggestions?



italiano40
Apr 29, 2008, 07:09 PM
i would hire a freelance programmer to create one, and you can find one on rentacoder.com

Dimwhit
Apr 29, 2008, 07:13 PM
i would hire a freelance programmer to create one, and you can find one on rentacoder.com

Well, I could create one. I just don't want to re-invent the wheel. And it would take me quite some time.

italiano40
Apr 29, 2008, 07:42 PM
hopes this help http://phpsense.com/php/php-login-script.html

nomade
Apr 30, 2008, 03:00 PM
Try this :

<?php
session_start();
include('coor.php');
$username=$_POST['user'];
$passw=$_POST['password'];
$query="SELECT * FROM login WHERE user='$username' AND password='$passw'";
$result=mysql_query($query, $connect) or die('error making query');
$affected_rows = mysql_num_rows($result);
if($affected_rows == 1) {
$_SESSION['user']=$username;
header('location:index.php');
}
else {
header('location:loginAdmin.php?erreur=erreur');
}
?>

thejadedmonkey
Apr 30, 2008, 03:46 PM
The input isn't validated, and there's no encryption.

elppa
Apr 30, 2008, 06:31 PM
Try this :

<?php
session_start();
include('coor.php');
$username=$_POST['user'];
$passw=$_POST['password'];
$query="SELECT * FROM login WHERE user='$username' AND password='$passw'";
$result=mysql_query($query, $connect) or die('error making query');
$affected_rows = mysql_num_rows($result);
if($affected_rows == 1) {
$_SESSION['user']=$username;
header('location:index.php');
}
else {
header('location:loginAdmin.php?erreur=erreur');
}
?>

Login script, say hello to SQL injection (http://en.wikibooks.org/wiki/Programming:PHP:SQL_Injection).