Continued from page 1
The following code excerpt can be used as part of authenticate.php to process login request. It connects to MySQL database and queries table used to store registration information.
@mysql_connect("localhost", "mysql_login", "mysql_pwd") or die("Cannot connect to DB!"); @mysql_select_db("tbl_login") or die("Cannot select DB!"); $sql="SELECT loginid FROM login_tbl WHERE loginid=’".$loginid.”’ and password=’”.$password.”’”; $r = mysql_query($sql); if(!$r) { $err=mysql_error(); print $err; exit(); } if(mysql_affected_rows()==0){ print "no such login in system. please try again."; exit(); } else{ print "successfully logged into system."; //proceed to perform website’s functionality – e.g. present information to user }
As in component 1, code excerpt assumes that MySQL table that is used to store registration data is named tbl_login and contains 3 fields – loginid, password and email fields. The values of $loginid and $password variables are passed in from form in authenticate.html using post method.
================================================================
Component 3 – Forgot Password
A registered user may forget his password to log into website’s system. In this case, user will need to supply his loginid for system to retrieve his password and send password to user’s registered email address.
This is typically done through a simple HTML form. This HTML form typically contains 1 field and 2 buttons: 1. A login id field 2. A Submit button 3. A Reset button
Assume that such a form is coded into a file named forgot.html. The following HTML code excerpt is a typical example. When user has filled in all fields, forgot.php page is called when user clicks on Submit button.
[form name="forgot" method="post" action="forgot.php"] [input name="login id" type="text" value="loginid" size="20"/][br] [input type="submit" name="submit" value="submit"/] [input type="reset" name="reset" value="reset"/] [/form]
The following code excerpt can be used as part of forgot.php to process login request. It connects to MySQL database and queries table used to store registration information.
@mysql_connect("localhost", "mysql_login", "mysql_pwd") or die("Cannot connect to DB!"); @mysql_select_db("tbl_login") or die("Cannot select DB!"); $sql="SELECT password, email FROM login_tbl WHERE loginid=’".$loginid.”’”; $r = mysql_query($sql); if(!$r) { $err=mysql_error(); print $err; exit(); } if(mysql_affected_rows()==0){ print "no such login in system. please try again."; exit(); } else { $row=mysql_fetch_array($r); $password=$row["password"]; $email=$row["email"];
$subject="your password"; $header="from:you@yourdomain.com"; $content="your password is ".$password; mail($email, $subject, $row, $header);
print "An email containing password has been sent to you"; }
As in component 1, code excerpt assumes that MySQL table that is used to store registration data is named tbl_login and contains 3 fields – loginid, password and email fields. The value of $loginid variable is passed from form in forgot.html using post method.
================================================================
Conclusion
The above example is to illustrate how a very basic login system can be implemented. The example can be enhanced to include password encryption and additional functionality – e.g. to allow users to edit their login information.
Used with the author's permission. This article is written by daBoss. daBoss is the Webmaster of Designer Banners (http://www.designerbanners.com). daBoss can be contacted at sales (at) designerbanners (dot) com.