<?php
session_start();
session_register('isloggedin');
session_register('username');
session_register('cnt');
global $isloggedin , $dbhost, $dbuser, $dbpasswd, $dbname;
/*
you must change the below variables to allow the connection to your database
*/
$dbhost = "localhost";
$dbuser = "login";
$dbpasswd = "password";
$dbname = "DBname";
/* To Create the MYSQL table run this SQL
CREATE TABLE users
(id INT not null AUTO_INCREMENT,
name TEXT not null ,
pword TEXT not null ,
PRIMARY KEY (id),
INDEX (id),
UNIQUE (id))
*/
function login($username,$password) {
global $isloggedin , $dbhost, $dbuser, $dbpasswd, $dbname;
/*
Usage login($username,$password)
will test the input from a form and check it agains a pre existing database with user names and passwords in then
this will incode it using the md5 standard (see nerd handbook) of encryption.
Returns: true and sets the global session variable $isloggedin
false and you can do whatever you like with them
*/
//Data base connection.
$cnx = mysql_connect($dbhost,$dbuser,$dbpasswd) or die("Problem In first connection");
mysql_select_db($dbname,$cnx) or die(mysql_error());
$hash= md5($password); //encrypting the password
$query1= "select *
from users
WHERE name = '$username'
AND pword = '$hash'";
$result = mysql_query($query1) or die (mysql_error()); // boring old mysql query execution
if (!$result || mysql_num_rows($result) < 1){ // if there is no results returned then there wasn't a match, do your worst!
return false;
}
else {
while(list($id, $name, $pword, $cnt) = mysql_fetch_row($result)){
$cnt++;
$update = "UPDATE cnt
SET cnt='$cnt'
WHERE id='$id'";
$result2 = mysql_query($update);
}
if (!$isloggedin){
$hashvar = date("F d, Y H");
//setcookie('isloggedin',md5($hashvar),time()+(1 * 60 * 60),'/','',0); //take the comment out to use cookie version
$isloggedin = md5($hashvar);
return true;
}
else {
//If it is there then just update the variables
$hashvar = date("F d, Y H");
$isloggedin = md5($hashvar);
}
}
}
function testlogin(){
/*
This function will test to see if the user has logged in or not. This must be used on all pages that are secure
If this function is not used then you are not inside the login program.
USAGE: testlogin();
if (testlogin()){
do secure stuff;
}
else{
do unsecure stuff;
}
RETURNS: 1 if true and user is logged in
false if they are not
*/
global $isloggedin;
$hashvar = date("F d, Y H");
$crosscheck = md5($hashvar);
if ($crosscheck == $isloggedin){
return 1;
}
else {
return false;
}
}
function newuser($username,$password){
/*
This function is used to create new users. It takes in a username and password then encrypts the password and
stores it in a mysql database (SEE CREATE TABLE CODE ON LINE 7).
Returns 1 IF everything went ok
Returns 2 if There was an error
Returns 3 if that user already exists
*/
global $isloggedin , $dbhost, $dbuser, $dbpasswd, $dbname;
$cnx = mysql_connect($dbhost,$dbuser,$dbpasswd) or die("Problem In first connection");
mysql_select_db($dbname,$cnx) or die(mysql_error());
$query1= "select *
from users
WHERE name = '$username'";
$result= mysql_query($query1) or die(mysql_error());
if (!$result || mysql_num_rows($result) >= 1){ // if there is no results returned then there wasn't a match, do your worst!
$feedback = 3;
return $feedback;
}
else {
$hash= md5($password);
$query = "Insert into users (name,pword) VALUES ('$username','$hash')";
$result = mysql_query($query) or die(mysql_error());
if ($result){
return 1;
}
else{
return 2;
}
}
}
?>
|
|
Store
Your email:
