Free PHP Login Script

i am posting here a simple login script which i coded few months ago. i am releasing it free of charge. the code can be used for both commercial or personal purpose. Note: make sure you use captcha if you want to protect your login system from spam.

** MOVED HERE WITH FREE DOWNLOAD **

How it works - User gives email and password and the script searches for that email and password in the database and if found it redirects to myaccount.php - The password is stored in md5 format. When the user enters his password, the script converts to md5 string and then compares this to the md5 of the password stored in the database. - This script once logged in registers 2 session variables user_id and user_level (like 1,2,3) which is available on all pages. Make sure that you put session_start() on top on all the pages where you want to login protect. MySQL Table Structure Table Users id INT(20) AUTO_INCREMENT PRIMARY user_id VARCHAR(100) user_email VARCHAR(100) user_level int(2) pwd VARCHAR(100) activated INT(0) date (date) country varchar(100) Login.php
PHP Code:

<?php include 'dbc.php'; $user_email = mysql_real_escape_string($_POST['email']); if ($_POST['Submit']=='Login') { $md5pass = md5($_POST['pwd']); $sql = "SELECT id,user_name,user_level FROM users WHERE email = '$user_email' AND pwd = '$md5pass' AND activated='1'"; $result = mysql_query($sql) or die (mysql_error()); $num = mysql_num_rows($result);

if ( $num != 0 ) { // A matching row was found - the user is authenticated. session_start(); list($user_id,$user_name,$user_level) = mysql_fetch_row($result); // this sets variables in the session $_SESSION['user_name']= $user_name; $_SESSION['user_level'] = $user_level; if (isset($_GET['ret']) && !empty($_GET['ret'])) { header("Location: $_GET[ret]"); } else { header("Location: myaccount.php"); } //echo "Logged in..."; exit(); } header("Location: login.php?msg=Invalid Login"); //echo "Error:"; exit(); } How to protect pages with login script Once the user logs in, all you have to do is just put the following code on top of pages you want to protect (only available to logged users) like myaccount.php, page1.php, page2.php etc... It should be on very top of every php page
PHP Code:

<?php session_start(); if (!isset($_SESSION['user_name'])) { header("Location: login.php"); } <<other page content goes here>> ?> Logout script Just create a page logout.php and put the following code in it. All user need to do is access this page to logout from the system.
PHP Code:

<?php session_start(); unset($_SESSION['user_name']); unset($_SESSION['user_level']); header("Location: login.php");

?> User Registration Register.php This script gets the password from users and stores it as md5 string. When you retreive this password to check for login make sure that you convert the given user password to md5 and then compare what is stored in the database.
PHP Code:

<?php include ('dbc.php'); if ($_POST['Submit'] == 'Register') { $rs_duplicates = mysql_query("select id from users where email='$_POST[em ail]'"); $duplicates = mysql_num_rows($rs_duplicates); if ($duplicates > 0) { //die ("ERROR: User account already exists."); header("Location: register.php?msg=ERROR: User account already exists..") ; exit(); } $rs_user_id = mysql_query("select id from users where user_name='$_POST[u ser_name]'"); $duplicate_user_id = mysql_num_rows($rs_user_id); if ($duplicate_user_id > 0) { //die ("ERROR: User account already exists."); header("Location: register.php?msg=ERROR: User name already exists.."); exit(); } if ($_POST['pass1'] != $_POST['pass2']) { //die ("Password does not match"); header("Location: register.php?msg=ERROR: Password does not match.."); exit(); } $md5pass = md5($_POST['pass2']); $activ_code = rand(1000,9999); mysql_query("INSERT INTO users (`name`,`email`,`pwd`,`country`,`joined`,`activation_code`, `user_name`)

VALUES ('$_POST[name]','$_POST[email]','$md5pass','$_POST[country] ',now(),'$activ_code','$_POST[user_name]')") or die(mysql_error()); $message = "Thank you for registering an account <put your content here>. Put here also link for activation"; mail($_POST['email'], "Login Activation", $message, "From: \"Domain\" <put_from_email_here>\r\n" . "X-Mailer: PHP/" . phpversion()); header("Location: register.php?done=1&msg=Registration Successful! An act ivation code has been sent to your email address..."); exit; } ?> Forgot Password Script Incase the user forgets the password, this script will reset the password and sends the user his new password to his email. This script first checks whether the user has account registered and then resets the password.
PHP Code:

if ($_POST['Submit']=='Send') { $rs_search = mysql_query("select email from users where email='$_POST[email]' "); $user_count = mysql_num_rows($rs_search); if ($user_count != 0) { $newpwd = rand(1000,9999); $newmd5pwd = md5($newpwd); mysql_query("UPDATE users set pwd='$newmd5pwd' where email='$_POST[email]'"); $message = "Here are the login details...\n\n User Name: $_POST[email] \n Password: $newpwd \n ____________________________________________ Thank you. This is an automated response. PLEASE DO NOT REPLY. "; mail($_POST['email'], "New Login Details", $message, "From: \"Domain\" <from_email_address>\r\n" . "X-Mailer: PHP/" . phpversion()); die("Thank you. New Login details has been sent to your email address"); } else die("Account with given email does not exist"); } ?>

Last edited by pbu : 06-16-2008 at 11:00 AM.

DirTimes Web Directory - Premium General web directory of quality websites. Submit today! Premium Web Directory - Premium general web directory. Submit your site for Inclusion
pbu View Public Profile Send a private message to pbu Visit pbu's homepage! Find all posts by pbu #2 05-14-2008, 06:37 PM

Apoztel
Junior Member Re: Free PHP Login Script

Join Date: May 2008 Posts: 1

Hi, thanks for the scripts, but how do I manipulate them for my needs/ Here is my MySQL code DROP DATABASE IF EXISTS dbjoinourteam; CREATE DATABASE dbjoinourteam; USE dbjoinourteam; CREATE TABLE admin ( adminid tinyint(3) unsigned NOT NULL auto_increment, adminusername varchar(15) NOT NULL, adminpassword varchar(15) NOT NULL, PRIMARY KEY (adminid) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; INSERT INTO admin (adminid, adminusername, adminpassword) VALUES (1,'Smooby','#1Sm00bie#1'); CREATE TABLE jobopenings ( jobid int(10) unsigned NOT NULL auto_increment, jobname varchar(30) NOT NULL, PRIMARY KEY USING BTREE (jobid) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; CREATE TABLE applicantinfo ( applicantid int(10) unsigned NOT NULL auto_increment, lastname varchar(255) NOT NULL, middleinitial varchar(1) NULL, firstname varchar(255) NOT NULL, email varchar(100) NOT NULL, emailapproved enum('n','y') NOT NULL default 'n', cellphone varchar(14) NULL,

workphone varchar(14) NULL, homephone varchar(14) NULL, resume varchar(64000) NOT NULL, applicationdate timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, PRIMARY KEY (applicantid) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; CREATE TABLE jobapplyingfor ( jobid int(10) unsigned NOT NULL, applicantid int(10) unsigned NOT NULL, KEY FK_jobapplyingfor_1 USING BTREE (jobid), CONSTRAINT FK_jopapplyingfor_1 FOREIGN KEY (jobid) REFERENCES jobopenings (jobid) ON DELETE CASCADE ON UPDATE CASCADE, KEY FK_jobapplyingfor_2 USING BTREE (applicantid), CONSTRAINT FK_jobapplyingfor_2 FOREIGN KEY (applicantid) REFERENCES applicantinfo (applicantid) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Apoztel View Public Profile Find all posts by Apoztel #3 05-14-2008, 07:46 PM Join Date: Feb 2008 Location: hrwebdir.org Posts: 308 Blog Entries: 11

admin
Administrator

Re: Free PHP Login Script

All you need is two fields for the applicants to login with user name and password. CREATE TABLE applicantinfo ( applicantid int(10) unsigned NOT NULL auto_increment, applicant_userid VARCHAR(100), applicant_passwd VARCHAR(100), lastname varchar(255) NOT NULL, middleinitial varchar(1) NULL, firstname varchar(255) NOT NULL, email varchar(100) NOT NULL, emailapproved enum('n','y') NOT NULL default 'n', cellphone varchar(14) NULL, workphone varchar(14) NULL, homephone varchar(14) NULL, resume varchar(64000) NOT NULL, applicationdate timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, PRIMARY KEY (applicantid) ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
admin

View Public Profile Send a private message to admin Visit admin's homepage! Find all posts by admin View Blog #4 07-29-2008, 02:36 AM

webdesigner706
Junior Member Re: Free PHP Login Script

Join Date: Jul 2008 Posts: 1

Thanks for the Script....It does exactly what I needed. I have been in design a while but just getting started with PHP. So, not only does it work for the log in I needed, it gives me a nice script to study. Thanks again.
webdesigner706 View Public Profile Find all posts by webdesigner706 #5 09-30-2008, 02:12 PM

kino
Junior Member Re: cant register users to my site

Join Date: Sep 2008 Posts: 2

please help me out, am getting this error below. other scripts are running ok however the Register.php script cant even show the image. Is it because am using windows? <br /> <b>Fatal error</b>: Call to undefined function: imagepng() in <b>c:\program files\easyphp1-8\www\rottery\pngimg.php</b> on line <b>8</b><br />
kino View Public Profile Find all posts by kino #6 09-30-2008, 02:18 PM

kino
Junior Member Re: Free PHP Login Script

Join Date: Sep 2008 Posts: 2

the Login scripts are cool! but i cant see the image on the Register.php script. is it that am using windows please help. <br /> <b>Fatal error</b>: Call to undefined function: imagepng() in <b>c:\program

files\easyphp1-8\www\rottery\pngimg.php</b> on line <b>8</b><br />

kino View Public Profile Find all posts by kino #7 09-30-2008, 03:13 PM Join Date: Feb 2008 Location: hrwebdir.org Posts: 1,400

pbu
Administrator

Re: Free PHP Login Script

Thats because you dont have PHP GD library with PNG support is installed. __________________ Best PHP Scripts | Best Wordpress Themes
pbu View Public Profile Send a private message to pbu Visit pbu's homepage! Find all posts by pbu #8 10-25-2008, 07:11 PM

surbjit
Junior Member Re: Free PHP Login Script

Join Date: Oct 2008 Posts: 12

I get another error when i uploaded it to my webhost: Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'root'@'10.50.0.15' (using password: NO) in /home/a8271294/public_html/dbc.php on line 3 Im also using a free webhost and i cant make the username guest can someone tell me how to edit the database details to the username on my webhost and the password on my webhost?? thanks surbjit
surbjit View Public Profile Send a private message to surbjit Find all posts by surbjit #9 10-27-2008, 11:24 PM

stuart2301
Junior Member Re: Free PHP Login Script

Join Date: Oct 2008 Posts: 22

open up your dbc.php for editing and change line 3 to read your username@your hostname with password i think. All these should be placed in between the " ' " little quotes at the minute you have no password inbetween the last set good luck
stuart2301 View Public Profile Send a private message to stuart2301 Find all posts by stuart2301 #10 10-31-2008, 10:30 PM

surbjit
Junior Member Re: Free PHP Login Script

Join Date: Oct 2008 Posts: 12

Right ive got another problem everything works but the email validation is not being sent ? Please help me sorry for being such a pain but im a complete newbie to this all! Thanks, surbjit