Sie sind auf Seite 1von 19

1 Login IN php Mysql

Login in phpmysql

Admin.html <iframe name="loginadmin" style="position:absolute;border-color:#BBCEE6;borderwidth:1px;border-style:solid;" src="./loginadmin.php" frameborder="0"></iframe> Loginadmin.php

Change password.html <div id="wb_changepassword" style="position:absolute;width:574px;height:148px;"> <form name="changepassword" method="post" src=./changepassword.php" id="changepassword"> <input type="hidden" name="form_name" value="changepassword"> <div id="wb_Text1" style="position:absolute;left:4px;top:4px;width:566px;height:16px;text-align:center;zindex:2;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">Change your password</span></div> <div id="wb_Text2" style="position:absolute;left:4px;top:32px;width:280px;height:16px;text-align:right;zindex:3;"> <span style="color:#376BAD;font-family:Arial;fontsize:13px;">Password:</span></div> <input type="password" id="password" style="position:absolute;left:289px;top:29px;width:98px;height:18px;lineheight:18px;z-index:4;" name="password" value=""> Changepassword.php <?php Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 1

2 Login IN php Mysql session_start(); $error_message = ""; if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['form_name'] == 'changepassword') { $mysql_server = 'localhost'; $mysql_username = 'root'; $mysql_password = ''; $mysql_database = 'wys'; $mysql_table = 'users'; $success_page = ''; if (!isset($_SESSION['username'])) { $error_message = 'Not logged in!'; } else { $password_value = md5($_POST['password']); $newpassword = md5($_POST['newpassword']); $confirmpassword = md5($_POST['confirmpassword']); $username_value = $_SESSION['username']; if ($newpassword != $confirmpassword) { $error_message = 'The confirm new password must match the new password entry'; } else Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 2

3 Login IN php Mysql if (!ereg("^[A-Za-z0-9_!@$]{1,50}$", $newpassword)) { $error_message = 'New password is not valid, please check and try again!'; } else { $db = mysql_connect($mysql_server, $mysql_username, $mysql_password); if (!$db) { die('Failed to connect to database server!<br>'.mysql_error()); } mysql_select_db($mysql_database, $db) or die('Failed to select database<br>'.mysql_error()); $sql = "SELECT password FROM ".$mysql_table." WHERE username = '".mysql_real_escape_string($username_value)."'"; $result = mysql_query($sql, $db); if ($data = mysql_fetch_array($result)) { if ($password_value == $data['password']) { $sql = "UPDATE `".$mysql_table."` SET `password` = '$newpassword' WHERE `username` = '$username_value'"; mysql_query($sql, $db); } else { $error_message = 'Old password is not valid!'; Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 3

4 Login IN php Mysql } } mysql_close($db); if (empty($error_message)) { header('Location: '.$success_page); exit; } } } } ?>

Edit profile.html <div id="wb_editprofileform" style="position:absolute;width:368px;height:202px;"> <form name="editprofileform" method="post" action="<?php echo basename(__FILE__); ?>" id="editprofileform"> <input type="hidden" name="form_name" value="editprofileform"> <div id="wb_Text1" style="position:absolute;left:5px;top:5px;width:358px;height:16px;text-align:center;zindex:11;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">Edit Profile</span></div> <div id="wb_Text2" style="position:absolute;left:5px;top:33px;width:161px;height:16px;text-align:right;zindex:12;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">Full Name:</span></div> Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 4

5 Login IN php Mysql <input type="text" id="fullname" style="position:absolute;left:171px;top:30px;width:148px;height:18px;lineheight:18px;z-index:13;" name="fullname" value="<?php echo $db_fullname; ?>"> <div id="wb_Text3" style="position:absolute;left:5px;top:59px;width:161px;height:16px;text-align:right;zindex:14;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">User Name:</span></div> <input type="text" id="username" style="position:absolute;left:171px;top:56px;width:148px;height:18px;lineheight:18px;z-index:15;" name="username" value="<?php echo $db_username; ?>"> <div id="wb_Text4" style="position:absolute;left:5px;top:85px;width:161px;height:16px;text-align:right;zindex:16;"> <span style="color:#376BAD;font-family:Arial;fontsize:13px;">Password:</span></div> <input type="password" id="password" style="position:absolute;left:171px;top:82px;width:148px;height:18px;lineheight:18px;z-index:17;" name="password" value=""> <div id="wb_Text5" style="position:absolute;left:5px;top:111px;width:161px;height:16px;text-align:right;zindex:18;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">Confirm Password:</span></div> <input type="password" id="confirmpassword" style="position:absolute;left:171px;top:108px;width:148px;height:18px;lineheight:18px;z-index:19;" name="confirmpassword" value=""> <div id="wb_Text6" style="position:absolute;left:5px;top:137px;width:161px;height:16px;text-align:right;zindex:20;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">E-mail:</span></div> <input type="text" id="email" style="position:absolute;left:171px;top:134px;width:148px;height:18px;lineheight:18px;z-index:21;" name="email" value="<?php echo $db_email; ?>"> Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 5

6 Login IN php Mysql <input type="submit" id="update" name="update" value="Update" style="position:absolute;left:170px;top:177px;width:90px;height:20px;z-index:22;"> </form> </div> Editprofile.php <?php session_start(); if (!isset($_SESSION['username'])) { $accessdenied_page = ''; header('Location: '.$accessdenied_page); exit; } $mysql_server = 'localhost'; $mysql_username = 'root'; $mysql_password = ''; $mysql_database = 'wys'; $mysql_table = 'users'; $error_message = ''; $db_username = ''; $db_fullname = ''; $db_email = ''; if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['form_name'] == 'editprofileform') { $success_page = ''; $oldusername = $_SESSION['username']; Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 6

7 Login IN php Mysql $newusername = $_POST['username']; $newemail = $_POST['email']; $newpassword = $_POST['password']; $confirmpassword = $_POST['confirmpassword']; $newfullname = $_POST['fullname']; if ($newpassword != $confirmpassword) { $error_message = 'Password and Confirm Password are not the same!'; } else if (!ereg("^[A-Za-z0-9_!@$]{1,50}$", $newusername)) { $error_message = 'Username is not valid, please check and try again!'; } else if (!empty($newpassword) && !ereg("^[A-Za-z0-9_!@$]{1,50}$", $newpassword)) { $error_message = 'Password is not valid, please check and try again!'; } else if (!ereg("^[A-Za-z0-9_!@$.' &]{1,50}$", $newfullname)) { $error_message = 'Fullname is not valid, please check and try again!'; } else if (!ereg("^.+@.+\..+$", $newemail)) Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 7

8 Login IN php Mysql { $error_message = 'Email is not a valid email address. Please check and try again.'; } else { $db = mysql_connect($mysql_server, $mysql_username, $mysql_password); if (!$db) { die('Failed to connect to database server!<br>'.mysql_error()); } mysql_select_db($mysql_database, $db) or die('Failed to select database<br>'.mysql_error()); if ($oldusername != $newusername) { $sql = "SELECT username FROM ".$mysql_table." WHERE username = '".mysql_real_escape_string($newusername)."'"; $result = mysql_query($sql, $db); if ($data = mysql_fetch_array($result)) { $error_message = 'Username already used. Please select another username.'; } } if (empty($error_message)) { $crypt_pass = md5($newpassword); $newusername = mysql_real_escape_string($newusername); $newemail = mysql_real_escape_string($newemail); Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 8

9 Login IN php Mysql $newfullname = mysql_real_escape_string($newfullname); $sql = "UPDATE `".$mysql_table."` SET `username` = '$newusername', `fullname` = '$newfullname', `email` = '$newemail' WHERE `username` = '$oldusername'"; mysql_query($sql, $db); if (!empty($newpassword)) { $sql = "UPDATE `".$mysql_table."` SET `password` = '$crypt_pass' WHERE `username` = '$oldusername'"; mysql_query($sql, $db); } } mysql_close($db); if (empty($error_message)) { $_SESSION['username'] = $newusername; $_SESSION['fullname'] = $newfullname; header('Location: '.$success_page); exit; } } } $db = mysql_connect($mysql_server, $mysql_username, $mysql_password); if (!$db) { die('Failed to connect to database server!<br>'.mysql_error()); } Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 9

10 Login IN php Mysql mysql_select_db($mysql_database, $db) or die('Failed to select database<br>'.mysql_error()); $sql = "SELECT * FROM ".$mysql_table." WHERE username = '". $_SESSION['username']."'"; $result = mysql_query($sql, $db); if ($data = mysql_fetch_array($result)) { $db_username = $data['username']; $db_fullname = $data['fullname']; $db_email = $data['email']; } mysql_close($db); ?>

Loginname.html <span id="LoginName1">Welcome <?php if (isset($_SESSION['username'])) { echo $_SESSION['username']; } else { echo 'Not logged in'; } ?>!</span>

Login.html Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 10

11 Login IN php Mysql <div id="wb_loginform" style="position:absolute;width:313px;height:128px;"> <form name="loginform" method="post" action="<?php echo basename(__FILE__); ? >" id="loginform"> <input type="hidden" name="form_name" value="loginform"> <div id="wb_Text1" style="position:absolute;left:4px;top:4px;width:305px;height:16px;text-align:center;zindex:23;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">Log In</span></div> <div id="wb_Text2" style="position:absolute;left:4px;top:32px;width:133px;height:16px;text-align:right;zindex:24;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">User Name:</span></div> <input type="text" id="username" style="position:absolute;left:142px;top:29px;width:98px;height:18px;lineheight:18px;z-index:25;" name="username" value="<?php echo $username; ?>"> <div id="wb_Text3" style="position:absolute;left:4px;top:58px;width:133px;height:16px;text-align:right;zindex:26;"> <span style="color:#376BAD;font-family:Arial;fontsize:13px;">Password:</span></div> <input type="password" id="password" style="position:absolute;left:142px;top:55px;width:98px;height:18px;lineheight:18px;z-index:27;" name="password" value="<?php echo $password; ?>"> <div id="wb_Text4" style="position:absolute;left:156px;top:84px;width:153px;height:16px;z-index:28;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">Remember me</span></div> <input type="checkbox" id="rememberme" name="rememberme" value="on" style="position:absolute;left:141px;top:83px;z-index:29;"> <input type="submit" id="login" name="login" value="Log In" style="position:absolute;left:141px;top:104px;width:70px;height:20px;z-index:30;"> </form> Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 11

12 Login IN php Mysql </div>

Login.php <?php if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['form_name'] == 'loginform') { $success_page = ''; $error_page = basename(__FILE__); $mysql_server = 'localhost'; $mysql_username = 'root'; $mysql_password = ''; $mysql_database = 'wys'; $mysql_table = 'users'; $crypt_pass = md5($_POST['password']); $found = false; $fullname = '';

$db = mysql_connect($mysql_server, $mysql_username, $mysql_password); if (!$db) { die('Failed to connect to database server!<br>'.mysql_error()); } mysql_select_db($mysql_database, $db) or die('Failed to select database<br>'.mysql_error()); $sql = "SELECT password, fullname, active FROM ".$mysql_table." WHERE username = '".mysql_real_escape_string($_POST['username'])."'"; $result = mysql_query($sql, $db); Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 12

13 Login IN php Mysql if ($data = mysql_fetch_array($result)) { if ($crypt_pass == $data['password'] && $data['active'] != 0) { $found = true; $fullname = $data['fullname']; } } mysql_close($db); if($found == false) { header('Location: '.$error_page); exit; } else { session_start(); $_SESSION['username'] = $_POST['username']; $_SESSION['fullname'] = $fullname; $rememberme = isset($_POST['rememberme']) ? true : false; if ($rememberme) { setcookie('username', $_POST['username'], time() + 3600*24*30); setcookie('password', $_POST['password'], time() + 3600*24*30); } header('Location: '.$success_page); Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 13

14 Login IN php Mysql exit; } } $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; $password = isset($_COOKIE['password']) ? $_COOKIE['password'] : ''; ?>

Logout.html <input type="submit" id="logout" name="logout" value="Logout" style="position:absolute;width:206px;height:67px;">

Logout.php <?php if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['form_name'] == 'logoutform') { session_start(); unset($_SESSION['username']); } ?>

Passwordrecovery.html <div id="wb_forgotpassword" style="position:absolute;width:281px;height:80px;"> <form name="forgotpassword" method="post" action="<?php echo basename(__FILE__); ?>" id="forgotpassword"> <input type="hidden" name="form_name" value="forgotpasswordform">

Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 14

15 Login IN php Mysql <div id="wb_Text1" style="position:absolute;left:4px;top:4px;width:273px;height:16px;text-align:center;zindex:31;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">Forgot your password? </span></div> <div id="wb_Text2" style="position:absolute;left:4px;top:32px;width:103px;height:16px;text-align:right;zindex:32;"> <span style="color:#376BAD;font-family:Arial;font-size:13px;">Email:</span></div> <input type="text" id="email" style="position:absolute;left:112px;top:29px;width:98px;height:18px;lineheight:18px;z-index:33;" name="email" value=""> <input type="submit" id="submit" name="submit" value="Submit" style="position:absolute;left:111px;top:56px;width:70px;height:20px;z-index:34;"> </form> </div>

Passwordrecovery.php <?php if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['form_name'] == 'forgotpasswordform') { $email = addslashes($_POST['email']); $success_page = ''; $error_page = basename(__FILE__); $mysql_server = 'localhost'; $mysql_username = 'root'; $mysql_password = ''; Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 15

16 Login IN php Mysql $mysql_database = 'wys'; $mysql_table = 'users'; $db = mysql_connect($mysql_server, $mysql_username, $mysql_password); if (!$db) { die('Failed to connect to database server!<br>'.mysql_error()); } mysql_select_db($mysql_database, $db) or die('Failed to select database<br>'.mysql_error()); $sql = "SELECT * FROM ".$mysql_table." WHERE email = '".mysql_real_escape_string($email)."'"; $result = mysql_query($sql, $db); if ($data = mysql_fetch_array($result)) { $alphanum = array('a','b','c','d','e','f','g','h','i','j','k','m','n','o','p','q','r','s','t','u','v','x','y','z','A','B','C','D',' E','F','G','H','I','J','K','M','N','P','Q','R','S','T','U','V','W','X','Y','Z','2','3','4','5','6','7','8','9'); $chars = sizeof($alphanum); $a = time(); mt_srand($a); for ($i=0; $i < 6; $i++) { $randnum = intval(mt_rand(0,56)); $newpassword .= $alphanum[$randnum]; } $crypt_pass = md5($newpassword); $sql = "UPDATE `".$mysql_table."` SET `password` = '$crypt_pass' WHERE `email` = '$email'"; Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 16

17 Login IN php Mysql mysql_query($sql, $db); $mailto = $_POST['email']; $subject = 'New password'; $message = 'Your new password for http://www.yourwebsite.com/ is:'; $message .= $newpassword; $header = "From: webmaster@yourwebsite.com"."\r\n"; $header .= "Reply-To: webmaster@yourwebsite.com"."\r\n"; $header .= "MIME-Version: 1.0"."\r\n"; $header .= "Content-Type: text/plain; charset=utf-8"."\r\n"; $header .= "Content-Transfer-Encoding: 8bit"."\r\n"; $header .= "X-Mailer: PHP v".phpversion(); mail($mailto, $subject, $message, $header); header('Location: '.$success_page); } else { header('Location: '.$error_page); } mysql_close($db); exit; } ?> Protectpage.php <?php session_start(); if (!isset($_SESSION['username'])) Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 17

18 Login IN php Mysql { header('Location: '); exit; } ?>

User redirect.php ?php session_start(); if (!isset($_SESSION['username'])) { header('Location: '); exit; } ?>

Biography of the Author Aman Teno was born in Ethiopia oromiya region Arsi zone In Gaasore/aminya tribe Ogolcho district From his father Teno Elemo/Xenoo Elemoo in afaan oromo/ And his Mother Guja Rabayo/Guujaa Rabbayyo in Faan orormo/ Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 18

19 Login IN php Mysql Education history Aman start his education at ZuwayMinch elementary school in 1995 september 02 or (1988 in local) Continue his education upto grade six mean 2001 then transfer to baricha elementary school in grade seven found in nearby local town Ogolcho in grade seven he dropout of his education then in next year he goto other place where his Ant(Nedhi) live in and start his education at Ashabeka elementary school found in sagure district. He finishes his grade seven at this school and come back to his home town in grade eight. Then he transfer to keterfuafuate highschool for grade nine and ten and finish his education there. Grade eleven first semester he start his education at Assella preparatory school but in second semester he transferred to Batu/Zuway/ preparatory and highschool due to the air condition is not comfortable for him. And finish hi education until grade twelve in Batu. After he finishes his school education he placed to hawassa university by the government placement in 2009.At hawassa university Aman start his education in information system department. And continue his education in good performance. And now at 2004 Aman is graduating class at hawassa university.

Behavioral history Aman have good behavior very sociable person. Have amazing tolerance ability

Aman follow muslim religion,

Prepared by Aman Teno Elemo, Hawassa university@2012 from School of informatics 19