[php] members only section

Discussion in 'Web Design & Coding' started by sean.ferguson, May 10, 2004.

  1. sean.ferguson

    sean.ferguson Moderator Folding Team

    Messages:
    1,693
    Location:
    Fife; Scotland
    im needing a secure login script that allows access to a protected dir; this is to be a members only section.

    What I Need:
    - Admin Area; No User Registrations
    - Users Must Be Registered Via Admin
    - Secure, Simple and Fast PHP
    - Information on How to Protect a Full Directory
    - MySQL Database of Users
    - Login Script
    - Something To Check User Is Valid

    What it needs to do:
    I need to be able to create new users via an admin panel of some form, users must be able to login from a form (user: pword:). After users login they are to be re-directed to the member only dir, they can only enter the directory if they have successfully logged in. I need to be able to monitor user usage and times/dates when they logged into the member area. It has to be secure enough to hold billing information.

    I have searched on the PHP Resource Index and the free options they have are not really up to scratch... not the ones i have tried thus far anyway. I would prefer a free solution so the software that retails at $399.99 is out of the question im afraid. Im not to bothered about looks as it will be customized anyway.

    Thanks for any help
     
  2. Geffy

    Geffy Moderator Folding Team

    Messages:
    7,805
    Location:
    United Kingdom
    I wrote something a bit ago that used .htaccess with .htpasswd, and a php login
     
  3. sean.ferguson

    sean.ferguson Moderator Folding Team

    Messages:
    1,693
    Location:
    Fife; Scotland
    ok, i have my login script; SQL database and members authenticity script... but im stuck in MySQL as i have no prior experience with it and its queries

    I have a Table (User) and four fields (id,username,password,email), what is the query i pass in MySQL to add data to these four fields, for example's sake say i want to add id:1 - user: test - password: testing - email: test@testing.com
    Im stumped, anyonoe help?
     
  4. Geffy

    Geffy Moderator Folding Team

    Messages:
    7,805
    Location:
    United Kingdom
    say your different fields are coming from a PHP script in the following
    $_POST['username']
    $_POST['password']
    $_POST['email']

    the query you would use would be
    INSERT INTO `table_name` (id,username,password,email) VALUES ('NULL', '". $_POST['username'] ."','". $_POST['password'] ."','". $_POST['email'] ."')

    breaking it down its saying it wants to insert data into the table called "table_name" and that "table_name" has the fields called id, username, password and email, and then that the list of VALUES should be inserted into those fields
    I dont know if the ordering in the table field listing matters, but I always just do it in the order that they appear in phpMyAdmin, and the VALUES list is always in the same order, hope that helps

    btw it is best to have the id field set to auto_increment when you create the table for MySQL
     
  5. sean.ferguson

    sean.ferguson Moderator Folding Team

    Messages:
    1,693
    Location:
    Fife; Scotland
    thanks, i already have the 'id' field set to auto_increment so i gather i dont need to enter any values for the id field?
     
  6. ZeroHour

    ZeroHour ho3 ho3 ho3

    Messages:
    1,118
    Location:
    Scotland
  7. Geffy

    Geffy Moderator Folding Team

    Messages:
    7,805
    Location:
    United Kingdom
    I always just send "NULL" to the id field, MySQL then ignores it and happily auto increments it. I leave it in so I can better see and structure the statement/query
     
  8. Khayman

    Khayman I'm sorry Hal... Political User Folding Team

    Messages:
    5,518
    Location:
    England
    I remeber writing my admin section for my site a while ago, i used to use just .htaccess with .htpasswd. don't even need a php login as it will pop up a box asking for the login details.

    In the end i done my own in php and mysql. was fun. The main problem, that i found anyway, is that after they have logged on you have to know they have logged on. Usualy done in the form of a cookie (although i suppose you could log an IP address or somthing) and making that cookie secure so that people can't forge it (not that anyone would want to go to that effort to get in my site, but i though i might as well go all the way :))
     
  9. ZeroHour

    ZeroHour ho3 ho3 ho3

    Messages:
    1,118
    Location:
    Scotland
    thekore just out of intrest how long u been doing PHP and is this for you or a customer? LOL ;)
     
  10. sean.ferguson

    sean.ferguson Moderator Folding Team

    Messages:
    1,693
    Location:
    Fife; Scotland
    php, not long; i have only ever played with includes and referrers ip info etc... this is very new to me.
    its for me and a customer... i am in the process of setting up a company and the company website is going to be the main focal point for the customer. The members only area was going to be so as previous customers can log in and find out news on up and coming products, company news and gain access to customer forums which would be hidden from the public eye.
     
  11. sean.ferguson

    sean.ferguson Moderator Folding Team

    Messages:
    1,693
    Location:
    Fife; Scotland
    the phpfreaks tutorial looks like exactly what i was looking for; im trying it out just now. I'l be back once i have scripted and customised to let you know :)
     
  12. sean.ferguson

    sean.ferguson Moderator Folding Team

    Messages:
    1,693
    Location:
    Fife; Scotland
    okay after getting the basics from the tutorial; its missing the checkuser.php file :confused: ZeroHour you got any idea whats supposed to be in the checkuser.php page or where the actuall page is at? I cant test it / customize it until i have that file :(
     
  13. ZeroHour

    ZeroHour ho3 ho3 ho3

    Messages:
    1,118
    Location:
    Scotland
    Ahhh.
    I will email the dude from PHPFreaks as I know him.
    Will let you know ASAP m8
     
  14. ZeroHour

    ZeroHour ho3 ho3 ho3

    Messages:
    1,118
    Location:
    Scotland
    Dublex and sean.ferguson like this.
  15. sean.ferguson

    sean.ferguson Moderator Folding Team

    Messages:
    1,693
    Location:
    Fife; Scotland
    yeah thats right take the piss out of a n00b :p

    you'l be getting your [​IMG] clicked ;)
     
  16. ZeroHour

    ZeroHour ho3 ho3 ho3

    Messages:
    1,118
    Location:
    Scotland
    HeHe
    you could not see it for looking lol ;)
    Hope it works for u m8
     
  17. Geffy

    Geffy Moderator Folding Team

    Messages:
    7,805
    Location:
    United Kingdom
    is it just me or does phpfreaks always seem to die and stop serving pages after you try to look at the second page of any tutorial??
     
  18. ZeroHour

    ZeroHour ho3 ho3 ho3

    Messages:
    1,118
    Location:
    Scotland
    Hmm
    There is a mirror for them.
    The ad's can hold the WHOLE page up if the ad server is busy. Its a issue with IE.
    I used to run Kazaalite.com and I had that problem too. The ad server caused the page to load slowly as IE waited for the content to come from there crappy server LOL
     
  19. X-Istence

    X-Istence * Political User

    Messages:
    6,498
    Location:
    USA
    He aint using IE :p
     
  20. ZeroHour

    ZeroHour ho3 ho3 ho3

    Messages:
    1,118
    Location:
    Scotland
    Yeh but others can have a similar prob :p