[PHP] OOP Login/Register script (with no HTML form)


/ Published in: PHP



  1. <?php
  // Define the marker constant before the helper file is loaded.
  // NOTE(review): presumably functions.php checks USED_LOCALLY to refuse direct
  // requests -- that file is not shown here, confirm.
  define("USED_LOCALLY", "1");

  // functions.php is expected to supply redirect(), sanitize(), is_valid_email()
  // and is_logged_in(), which the classes below call.
  include "functions.php";
  4.  
  /**
   * Contract that the main request-handling class must fulfil.
   *
   * The methods fall into three groups: the login pipeline, the registration
   * pipeline and logout. Interface methods are always public in PHP; the
   * keyword is spelled out here for readability only.
   */
  interface post_data {

      // --- Login pipeline: collect the POST fields, clean them, check them. ---
      public function login_get_data();
      public function login_clean_data();
      public function login_check_data();

      // --- Registration pipeline: validate/clean the POST fields, then store. ---
      public function register_get_clean_data();
      public function register_add_data();

      // --- Session teardown. ---
      public function logout();
  }
  18.  
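  /**
   * Base class that opens the MySQL connection used by its subclasses.
   *
   * NOTE(review): the connection parameters are hard-coded and the account is
   * "root". Anyone who can read this file obtains full database credentials,
   * and any SQL flaw in a subclass runs with administrative rights. Load the
   * credentials from configuration kept outside the web root and connect with
   * an account limited to the "login" schema.
   *
   * NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed
   * in PHP 7.0, and it has no prepared statements. Moving to PDO or mysqli
   * would let every query in the subclasses be parameterised; that migration
   * has to change this class and its subclasses together.
   */
  abstract class sql_server {

      // Link identifier returned by mysql_connect(); set only when both the
      // connection and the database selection succeeded.
      public $cnx;

      /**
       * Connects to the server and selects the "login" database.
       *
       * Stops the request with a generic message when either step fails, so
       * later queries never run against a missing link. The driver's own
       * error text goes to the server log, not to the response.
       */
      public function __construct() {
          $link = mysql_connect("localhost", "root", "password");

          if ($link === false) {
              error_log("sql_server: connection failed: " . mysql_error());
              die("The service is temporarily unavailable.");
          }

          if (!mysql_select_db("login", $link)) {
              error_log("sql_server: database selection failed: " . mysql_error($link));
              die("The service is temporarily unavailable.");
          }

          $this -> cnx = $link;
      }
  }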
  29.  
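  /**
   * Handles the login, registration and logout requests.
   *
   * Constructing the object dispatches on the submitted form: it reads
   * $_POST / $_GET, talks to the Users table and ends with a redirect to
   * index.php.
   *
   * Review notes that apply to the whole class:
   *  - Every query is built by string concatenation. Its safety depends on
   *    sanitize() from functions.php, which is not shown here; the queries are
   *    only injection-safe if that helper escapes for the MySQL string context
   *    (for example via mysql_real_escape_string) -- confirm. Prepared
   *    statements (PDO / mysqli) remove that dependency but require changing
   *    the parent class as well.
   *  - Passwords are stored as one unsalted round of SHA-512. That is a fast
   *    hash, so a leaked table can be attacked offline at high speed. The
   *    replacement is password_hash() / password_verify(); it changes the
   *    stored format, so it needs a migration and is not done here.
   *  - The properties are private for encapsulation; visibility is not a
   *    security control.
   */
  class post_data_class extends sql_server implements post_data {

      // Values of the login form. "Password" holds the raw password until
      // login_clean_data() replaces it with its SHA-512 digest.
      private $login_vars = array(
          "Username" => NULL,
          "Password" => NULL,
      );

      // Values of the registration form after sanitize(); "Pass_Word" holds
      // the SHA-512 digest, never the raw password.
      private $register_vars = array(
          "Full Name" => NULL,
          "Country" => NULL,
          "Phone Number" => NULL,
          "Address" => NULL,
          "Email" => NULL,
          "User_Name" => NULL,
          "Pass_Word" => NULL,
      );

      /**
       * Opens the database connection and dispatches the request.
       *
       * The login and logout paths always end in die(), so the second
       * condition is reached only when neither of them ran.
       */
      public function __construct() {
          parent::__construct();

          if (isset($_POST["login_submit"])) {
              $this -> login_get_data();
          } elseif (isset($_GET["logout"])) {
              // NOTE(review): logout is a state change triggered by a plain GET
              // with no token, so any third-party page can end a user's session.
              $this -> logout();
          }

          if (isset($_POST["register_submit"])) {
              $this -> register_get_clean_data();
          } else {
              // Nothing was submitted: send the visitor back to the form page.
              redirect("index.php");
              die();
          }
      }

      /**
       * Returns a POST field as a string.
       *
       * A missing field, or one submitted as an array (name[]=...), yields ""
       * so that strlen(), preg_match() and string concatenation below never
       * receive a non-string value.
       */
      private function post_field($key) {
          if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
              return "";
          }

          return $_POST[$key];
      }

      /**
       * Looks up whether a value already exists in a column of Users.
       *
       * $column is always a literal supplied by this class and $clean_value
       * must already have been through sanitize(). Returns NULL when the value
       * is free, otherwise the message to show: $taken_message when a row
       * matched, a generic message when the lookup itself failed (the check
       * fails closed).
       */
      private function uniqueness_error($column, $clean_value, $taken_message) {
          // Backticks quote the identifier. The original 'Email' / 'Username'
          // in single quotes were string literals, so the comparison never
          // looked at the column and duplicates were not detected.
          $result = mysql_query(
              "SELECT * FROM Users WHERE `" . $column . "` = '" . $clean_value . "'",
              $this -> cnx
          );

          if ($result === false) {
              error_log("post_data_class: uniqueness lookup failed: " . mysql_error($this -> cnx));
              return "We could not check your details. Please try again later.";
          }

          return mysql_num_rows($result) > 0 ? $taken_message : NULL;
      }

      /**
       * Login step 1: reads the username and password from the form.
       *
       * Redirects with an error when either field is empty; otherwise stores
       * both and continues with login_clean_data().
       */
      public function login_get_data() {
          $username = $this -> post_field("username");
          $password = $this -> post_field("password");

          if (empty($username) || empty($password)) {
              $_SESSION["login"]["error"] = "Make sure none of the fields are empty";
              redirect("index.php");
              die();
          }

          $this -> login_vars["Username"] = $username;
          $this -> login_vars["Password"] = $password;

          $this -> login_clean_data();
      }

      /**
       * Registration step 1: validates the form, then hands the cleaned
       * values to register_add_data().
       *
       * All validation messages are collected first and written to the
       * session in one go, joined with "<br />".
       */
      public function register_get_clean_data() {
          $required = array(
              "full_name",
              "phone_number",
              "email",
              "address",
              "user_name",
              "pass_word",
              "pass_word_verification",
          );

          $input = array();
          foreach ($required as $field) {
              $input[$field] = $this -> post_field($field);

              if (empty($input[$field])) {
                  $_SESSION["register"]["error"] = "Make sure none of the fields are empty.";
                  redirect("index.php");
                  die();
              }
          }

          // Collected locally so that a message left in the session by an
          // earlier request cannot block this one, and so the first message
          // never starts with a stray "<br />".
          $errors = array();

          // Full name: at least two parts separated by whitespace.
          if (!preg_match("/(.*)\\s(.*)/", $input["full_name"]) || strlen($input["full_name"]) < 5) {
              $errors[] = "Make sure your full name is a valid one.";
          }

          // Phone number.
          // NOTE(review): is_numeric() also accepts signs, decimals and
          // exponents ("+1.5e3"); a digits-only check may be what is intended.
          if (!is_numeric($input["phone_number"]) || strlen($input["phone_number"]) < 5) {
              $errors[] = "Make sure your phone number is a valid one.";
          }

          // Email: format first, then uniqueness.
          if (!is_valid_email($input["email"])) {
              $errors[] = "Make sure your e-mail is a valid one.";
          } else {
              $message = $this -> uniqueness_error(
                  "Email",
                  sanitize($input["email"]),
                  "Your email is already taken."
              );
              if ($message !== NULL) {
                  $errors[] = $message;
              }
          }

          // Address.
          if (!preg_match("/(.*)\\s(.*)/", $input["address"]) || strlen($input["address"]) < 10) {
              $errors[] = "Make sure your address is a valid one.";
          }

          // Username: length first, then uniqueness.
          if (strlen($input["user_name"]) > 15) {
              $errors[] = "Your username is too long.";
          } else {
              $message = $this -> uniqueness_error(
                  "Username",
                  sanitize($input["user_name"]),
                  "Your username is already taken."
              );
              // The generic lookup-failure message is shown once at most.
              if ($message !== NULL && !in_array($message, $errors, true)) {
                  $errors[] = $message;
              }
          }

          // Password confirmation.
          if ($input["pass_word"] !== $input["pass_word_verification"]) {
              $errors[] = "Make sure your passwords match.";
          }

          if (count($errors) > 0) {
              $_SESSION["register"]["error"] = implode("<br />", $errors);
              redirect("index.php");
              die();
          }

          // The password is hashed from the raw submitted value and only the
          // digest goes through sanitize(); login_clean_data() hashes the same
          // way. "country" is optional on the form, so a missing value becomes "".
          $temporary_register_array = array(
              "Full Name" => $input["full_name"],
              "Country" => $this -> post_field("country"),
              "Email" => $input["email"],
              "Address" => $input["address"],
              "Phone Number" => $input["phone_number"],
              "User_Name" => $input["user_name"],
              "Pass_Word" => hash('sha512', $input["pass_word"]),
          );

          $this -> register_vars = array_map("sanitize", $temporary_register_array);

          $this -> register_add_data();
      }

      /**
       * Login step 2: cleans the username and hashes the password.
       *
       * The password is hashed exactly as submitted. Registration stores
       * hash('sha512', <raw password>), so running sanitize() on the password
       * before hashing (as the original did) made the two digests differ for
       * any password that sanitize() alters. The digest is hexadecimal and
       * needs no escaping before it is placed in the query.
       */
      public function login_clean_data() {
          $this -> login_vars["Username"] = sanitize($this -> login_vars["Username"]);
          $this -> login_vars["Password"] = hash('sha512', $this -> login_vars["Password"]);

          $this -> login_check_data();
      }

      /**
       * Login step 3: checks the credentials against the Users table and
       * sets up the session. Always ends the request.
       */
      public function login_check_data() {
          $sql = "SELECT * FROM Users WHERE `Username` = '" . $this -> login_vars["Username"]
               . "' AND `Password` = '" . $this -> login_vars["Password"] . "'";
          $result = mysql_query($sql, $this -> cnx);

          if ($result === false) {
              // A failed query is treated as a failed login; details go to the log.
              error_log("post_data_class: login lookup failed: " . mysql_error($this -> cnx));
          }

          if ($result !== false && mysql_num_rows($result) > 0) {
              // Issue a fresh session id at the privilege change so an id known
              // before authentication cannot be reused afterwards.
              if (session_id() !== "") {
                  session_regenerate_id(true);
              }

              // NOTE(review): "id" is the constant 1 for every account, not the
              // user's row id -- presumably is_logged_in() only tests for its
              // presence; confirm.
              $_SESSION["id"] = 1;
              $_SESSION["username"] = $this -> login_vars["Username"];
              // NOTE(review): the password digest is copied into the session.
              // It is kept because is_logged_in() (not shown) may read it; if it
              // does not, drop this line so the digest is not stored a second time.
              $_SESSION["password"] = $this -> login_vars["Password"];

              redirect("index.php");
              die();
          }

          $_SESSION["login"]["error"] = "Username/Password combination is invalid.";
          redirect("index.php");
          die();
      }

      /**
       * Registration step 2: inserts the cleaned values into Users and
       * redirects to index.php.
       *
       * The phone number is stored with a "00" prefix, as in the original.
       */
      public function register_add_data() {
          $values = array(
              $this -> register_vars["User_Name"],
              $this -> register_vars["Pass_Word"],
              $this -> register_vars["Full Name"],
              "00" . $this -> register_vars["Phone Number"],
              $this -> register_vars["Address"],
              $this -> register_vars["Country"],
              $this -> register_vars["Email"],
          );

          $inserted = mysql_query(
              "INSERT INTO Users"
              . " (`Username`, `Password`, `Full Name`, `Phone Number`, `Address`, `Country`, `Email`)"
              . " VALUES ('" . implode("', '", $values) . "')",
              $this -> cnx
          );

          if ($inserted === false) {
              // Report the failure instead of redirecting as if the account existed.
              error_log("post_data_class: registration insert failed: " . mysql_error($this -> cnx));
              $_SESSION["register"]["error"] = "Your account could not be created. Please try again later.";
          }

          redirect("index.php");
      }

      /**
       * Ends the current session and redirects to index.php.
       *
       * Stops with a message when nobody is logged in.
       */
      public function logout() {
          if (!is_logged_in()) {
              die("You are not logged in.");
          }

          // Clear the data, then discard the server-side session record so the
          // old session id no longer maps to anything.
          $_SESSION = array();
          if (session_id() !== "") {
              session_destroy();
          }

          redirect("index.php");
          die();
      }

  }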
  267.  
  // Instantiating the class handles the current request: the constructor
  // dispatches to login, logout or registration and then redirects.
  $start = new post_data_class;
  269. ?>
