Posted By

AlexPrisoner on 04/12/08
Tagged

Versions (?)

usercp.php

/ Published in: PHP
URL: http://www.myworldness.com
Its a good code!
Expand | Embed | Plain Text
<?PHP session_start(); // NEVER REMOVE THIS!
//Variables you would need to change!
$dbhost = 'localhost'; //Your Database Host!
$dbuser = 'exdeeorg_mwn'; //Your Database Username!
$dbpass = 'mwnalex'; //Your Database Password!
$dbname = 'exdeeorg_mwn'; //Your Database Name!
//END! DON'T EDIT ANYTHING BELOW THIS LINE IF YOU DON'T KNOW WHAT YOUR DOING!!!
 
$connect = mysql_connect($dbhost,$dbuser,$dbpass) or die("Could not connect to database<br/><b>Error:</b>".mysql_error());
mysql_select_db($dbname,$connect) or die("Could not connect to database<br/><b>Error:</b>".mysql_error());
 
function CleanText($value){
	return mysql_real_escape_string(htmlentities(stripslashes($value))); //Strips the code of anything that a hacker might try to do ;) Think smart!
}
 
//Login Script
if(isset($_POST['login'])){
	$username = CleanText($_POST['username']); 
	$password = CleanText(md5($_POST['password'])); //MD5 Hash so no one can view the passwords!
	$check = mysql_query("SELECT * FROM `users` WHERE username = '{$username}' AND password = '{$password}'") or die("Could not pull User Data to match data<br/><b>Error:</b>".mysql_error());
	if(mysql_num_rows($check) == 1){
		$userdata = mysql_fetch_array($check);
		$_SESSION['user_id'] = $userdata['id']; //Sets SESSION id so we can fetch Userdata!
		$_SESSION['logged_in'] = 1; //Sets the session to know that they are logged in!
		header("location: index.php");
	}
	else{
		die("Wrong username or password!");
	}
}
 
//Logout Script!
if(isset($_GET['logout'])){
	session_destroy();
	die('You have been logged out!<br/>Now being re-directed to home!<meta http-equiv="refresh" content="3;URL=index.php">
');
}
 
//Register Script!
if(isset($_POST['register'])){
	$username = CleanText($_POST['username']);
	$password = CleanText(md5($_POST['password'])); //Again MD5 hashed to keep your members safe!
	if($username == ''){
		die("You didn't enter a username!");
	}
	if($password == ''){
		die("You didn't enter a password!");
	}
	$checkusername = mysql_query("SELECT * FROM `users` WHERE username = '{$username}'") or die("Could not load users to check username<br/><b>Error</b>".mysql_error());
	if(mysql_num_rows($checkusername) == 1){
		die("That username has already been taken sorry!");
	}
	//Okay so if everything goes good time to insert!
	mysql_query("INSERT INTO `users` (username,password) VALUES ('{$username}','{$password}')") or die("Could not create account<br/><b>Error:</b>".mysql_error());
	die('Account created!<br/><a href="usercp.php?login">Click Here</a> to login!');
}
 
if(isset($_GET['login'])){
	echo '<form method="post">
<table width="500" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td>Username:</td>
    <td><input type="text" name="username"/></td>
  </tr>
  <tr>
    <td>Password</td>
    <td><input type="password" name="password"/></td>
  </tr>
  <tr>
    <td colspan="2" align="center"><input type="submit" name="login" value="Login!"/></td>
  </tr>
</table>
</form>';
}
if(isset($_GET['register'])){
	echo '<form method="post">
<table width="500" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td>Username:</td>
    <td><input type="text" name="username"/></td>
  </tr>
  <tr>
    <td>Password</td>
    <td><input type="password" name="password"/></td>
  </tr>
  <tr>
    <td colspan="2" align="center"><input type="submit" name="register" value="Register!"/></td>
  </tr>
</table>
</form>';
}
die("Could not find any data!");
?>
Report this snippet Tweet
Comment:
You need to login to post a comment.
Posted By

Tagged

Versions (?)

usercp.php

Related snippets

Choose a language for easy browsing:
