Hi everyone, I am at University of Ulster in Ireland studying computing science. My final year project is to develop a system to manage a chess club which must incorporate access rights (e.g. admin and ordinary members). I have decided to use PHP, MySQL and Apache. I have never used PHP language before, If anybody can give me any help or advise it would be very much appreciated…
Thanks
That is fairly simple. Either go to PHP.net and study SESSION variables or google it.
Learn how to set and check SESSION variables. Here is what you will need to create a login form and validate users.
Set up a database on your MySQL site. If you are thinking of doing it locally for testing, look into installing Apache’s XAMMP. ( http://www.apachefriends.org/en/xampp.html ) This will install Apache, MySQL and PHP
all in one swipe. The database should have a table, let’s call it Users. In the User’s table have two fields,
one called UserID and one UserPassword. Enter some data for you such as “john doe” and “mypass”.
(that will be used for testing.
Next, you need a login/registration form. This can be a simple HTML page with a form on it. The form should include two input text fields with the two above inputs. And two submit buttons, one for “LOGIN” and one for “REGISTER”. The form’s action will point to a second page, let’s call it UserCheck.php.
The second file, UserCheck.php will read the posted data from the text boxes, let’s call them ‘user’ and ‘pass’. Then the database would be open and queried with something like: SELECT * FROM USERS WHERE UserID = "$_POST[‘user’] "… Of course this is just a quick idea list, you will have to check out how to do it or ask questions here. Once the query id completed, you end up with a recordset that contains just that user’s data. You compare the ‘UserPassword’ with what they typed in. If it fails echo the error message. If it matches, set the session variable that passes thru every other page in the site. Something like $_SESSION[‘userok’]=“yes”;
On every other page on the site, the first few lines of code would be checking that session code which would redirect to a you-are-not-allowed page to display an error.
Something like if ($_SESSION[‘userok’]!=“yes”) header(“Location: InvalidUser.php”);
Well enough for you to think about for a start.
WOW, I just found a nice tutorial on this subject for you. It covers a lot of extra security info you should learn, too. it will help! http://phpsense.com/2006/php-login-script/