Member Avatar for ceteris

i have create a login page and registration

how can i view table from database to php output and to change password.

heres my login.php

<?php

session_start();

$username= $_POST['username'];
$password= $_POST['password'];


$password=md5($password);

if($username&&$password)
{
$connect=mysql_connect("localhost","root","") or die("Coldn't connect");
mysql_select_db("phplogin") or die("Couldn't find db");

$query=mysql_query("SELECT * from users WHERE username='$username'");

$numrows=mysql_num_rows($query);

if ($numrows!=0)
{
 while($row=mysql_fetch_assoc($query))
 {
  $dbusername=$row['username'];
  $dbpassword=$row['password'];
 }

 if ($username==$dbusername&&md5($password)==$dbpassword)
 {
   
  echo "youre in <a href='member.php'>Click</a> here to enter the member page.";

  $_SESSION['username']=$username;

 }
 else
      echo "incorrect password!";
}
else
    die("That user doesnt exist!");


}
else
    die("Please enter username and password!");

?>

and for register.php

<?php

$submit=$_POST['submit'];
$fullname=strip_tags($_POST['fullname']);
$username=strtolower(strip_tags($_POST['username']));
$password=$_POST['password'];
$repeatpassword=$_POST['repeatpassword'];
$date=date("Y-m-d");

if ($submit)
{


$connect=mysql_connect("localhost","root","");
mysql_select_db('phplogin');

$namecheck=mysql_query("SELECT username FROM users WHERE username='$username'");
$count=mysql_num_rows($namecheck);

if($count!=0)
{
  die ("Username already taken!");

}


//check for existance
if ($fullname&&$username&&$password&&$repeatpassword)
{

if ($password==$repeatpassword)
{

if (strlen($username)>25 || strlen($fullname)>25)
{

echo "your username/fullname shoudld be less than 25";

}
else

if (strlen($password)>25 || strlen($password)<6)

{
echo "your password should be between 6 and 25 character";

}
else

{
$password=md5($password);
$repeatpassword=md5($repeatpassword);





$query=mysql_query("INSERT INTO users VALUES ('','$fullname','$username','$password','$date') ");


echo "<p>you have registered , <a href='index.php' >return to login page</a> </p>";



}






}

else die ('password didnt match');

}
//end second if
else die ('please fill in all data');




}



?>
<html>

<h2> registration </h2> <br>


<form action="register.php" method="POST">
<table>
<tr>
<td>
Your full name::
</td>
<td>
<input type="text" name="fullname" value='<?php echo $fullname; ?>'>
</td>
</tr>

<tr>
<td>
Choose a username::
</td>
<td>
<input type="text" name="username" value='<?php echo $username; ?>'>
</td>
</tr>
<tr>
<td>
Choose a password::
</td>
<td>
<input type="password" name="password">
</td>
</tr>
<tr>
<td>
Repeat a password::
</td>
<td>
<input type="password" name="repeatpassword">
</td>
</tr>
</table>
<p>
<input type="submit" name="submit" value="Register">

</html>
Edited by ceteris because: n/a
  • 3 Contributors
  • 5 Replies
  • 166 Views
  • 9 Hours Discussion Span
  • Latest Post Latest Post by diafol

Recommended Answers

All 5 Replies

Member Avatar for diafol

Consider using the [ CODE ] button on the editor so that we can see the code properly. plain text code is too hard to read

Member Avatar for ceteris

i edit to [code] now. i just encrypt the password so i can view all table list from database. and how can i change the password?

Member Avatar for stoopkid

i hate people who copy/paste code, and when it doesn't work, post it to a forum instead of trying to solve it yourself.

to View usernames

$result = mysql_query("SELECT * FROM users");
  while($r = mysql_fetch_array($result)) {
   echo "$r['full_name']<br>";
   echo "$r['username']<br>";
   echo "$r['password']<br>";
}

You did not provide your MySQL structure, so those values may be different.

As for changing a password, you'll need to setup an Edit page, and you'll be using MySQL's UPDATE function. Google it.

Member Avatar for ceteris

i didnt just copy it. this code is working i just need help to view and change password

Member Avatar for diafol

You should never view a password.
Changing a pw should entail 3 fields (as you've placed):

<input ... name="pw" /><!--original-->
<input ... name="pw1" /><!--new-->
<input ... name="pw2" /><!--confirm-->

In your form handling:

session_start();
$user_id = $_SESSION['userid']; //this should be a clean integer
if(isset($_POST['submit'])){
   $error = false;
   $pw = $_POST['pw'];
   $pw1 = $_POST['pw1'];
   $pw2 = $_POST['pw2'];
   $salt1 = "4 s4lt"; //these could be taken from a secure include file
   $salt2 = "4n0th3r s4lt";
   if($pw1 == $pw2 && $pw1 != "" && $pw2 != "" && $pw !=""){
      $pw = md5( $salt1 . $pw . $salt2 );
      $r = mysql_query("SELECT password FROM users WHERE user_id = $user_id");
      if(mysql_num_rows($r)){
         $d = mysql_fetch_array($r);
         if($pw == $d['password']){
             $pw1 = md5( $salt1 . $pw1 . $salt2 );
             $pw2 = md5( $salt1 . $pw2 . $salt2 );
             $r = mysql_query("UPDATE users SET password = '$pw1'");
             if(mysql_affected_rows()){
                $msg = "You have successfully changed your password";
             }else{
                $error = true;
             }
         }else{
             $error = true;
         }
      }else{
          $error = true;
      }
   }else{
      $error=true;
   }
   if($error)$msg = "Your password could not be changed";
}

Here's a snippet off the top of my head. You'll get the idea. It's not a custom solution for you, but should help.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.