Activity Stream
48,167 MEMBERS
6730 ONLINE
besthostingforums On YouTube Subscribe to our Newsletter besthostingforums On Twitter besthostingforums On Facebook besthostingforums On facebook groups

Results 1 to 4 of 4
  1.     
    #1
    Member

    Default PHP PDO login system, user class. Also Includes a theming system {Source}

    Hello,


    Before you look at the source I would like to say a huge thank you to Bennett's (http://btreptow.com/) who is one of my developer/beta tester for Graft Development. He has imputed allot of his own work into script, and i cannot take credit for the input he has put into this himself. Secondly I would like to thank Brad for help testing the script at each stage.

    config.inc.php
    PHP Code: 
    <?php
    define
    ("MYSQL_HOST","localhost");
    define("MYSQL_USER","username");
    define("MYSQL_PASSWORD","password");
    define("MYSQL_DATABASE","db_name");
    define("CURRENT_DESIGN","default");

    try {
    $dbh = new PDO("mysql:host="MYSQL_HOST.";dbname=".MYSQL_DATABASE,MYSQL_USER,MYSQL_PASSWORD);
    } catch(
    PDOException $e){

    echo 
    $e->getMessage();
    }


    ?>
    user.inc.php
    PHP Code: 
    <?php
    class user {
    public 
    $uid "";
    public 
    $userinfo;
           
          public function 
    __construct($id null)
      {
          if(
    null !== $id)
          {
              
    $this->getUserInfo($id);
              
    $this->uid $id;
          }
      }
    public function 
    __destruct(){

    }
    public function 
    getUserInfo($id){
    global 
    $dbh;
    $st $dbh->prepare("SELECT * FROM `users` WHERE `id` = :id LIMIT 1");
    $st->execute(array(":id" => $id));
    $this->userinfo $st->fetch(PDO::FETCH_OBJ);
    }
    public function 
    login($email,$password){
    global 
    $dbh;
    $st $dbh->prepare("SELECT * FROM `users` WHERE `email` = :email AND `password` = :password LIMIT 1");
    $st->execute(array(":email" => $email,":password" => $password));
    $result $st->fetch(PDO::FETCH_OBJ);
    if (
    $result 0) { 
        
    $id $result->id;
      
    $this->uid $id;
      return 
    $id;
      } 
      else { 
          return 
    "Login error"
      } 
    }
    public function 
    signup($fname,$lname,$email,$password,$ip){
    global 
    $dbh;
    $st $dbh->prepare("SELECT count(*) FROM `users` WHERE `email` = :email LIMIT 1");
    $st->execute(array(":email" => $email));
    $Data  $st->fetchColumn();
    if (
    $Data 0) { 
      return 
    "Error on email";
    } else { 
    try {

          
    $st $dbh->prepare("INSERT INTO users (email, password, firstname, lastname, ip) value (:email, :password, :firstname, :lastname, :ip)"); 
          
    $st->execute(array(":email" => $email":password" => $password":firstname" => $fname":lastname" => $lname":ip" => $ip));
          } catch (
    PDOException $err) {
      return 
    "Error " $err->getMessage();
    }
    $st $dbh->prepare("SELECT * FROM `users` WHERE `email` = :email AND `password` = :password LIMIT 1");
    $st->execute(array(":email" => $email,":password" => $password));
    $result $st->fetch(PDO::FETCH_OBJ);
    if (
    $result 0) { 
        
    $id $result->id;
      
    $this->uid $id;
      return 
    $id;
      }

      } 
    }
    }

    ?>
    signup.php
    PHP Code: 
    <?php
    session_start
    ();
    include(
    "include/config.inc.php");
    include(
    "include/classes/user.inc.php");

    if (isset(
    $_POST['submit'])) {
    $fname htmlentities($_POST['fname']);
    $lname htmlentities($_POST['lname']);
    $email $_POST['email'];
    if(!
    filter_var($emailFILTER_VALIDATE_EMAIL)) {
    $error "This email address is not valid, sorry. Alternative this field could been left blank.";
    } Else {
    if(!
    filter_var($fnameFILTER_SANITIZE_STRIPPED)) {
    $error "This first name has been blocked by our filter, you cannot use miscellaneous characters. Alternative this field could been left blank.";
    } Else {
    if(!
    filter_var($lnameFILTER_SANITIZE_STRIPPED)) {
    $error "This last name has been blocked by our filter, you cannot use miscellaneous characters. Alternative this field could been left blank.";
    } Else {
    $pass htmlentities($_POST['password']);
    $password md5($pass);
    $ip $_SERVER['REMOTE_ADDR'];


    $user = New user;
    $signup $user->signup($fname,$lname,$email,$password,$ip);
    if (
    $signup == "Error on email") {
    $error "This email address is already in use, sorry";
    } Else {
    $_SESSION['id']= $signup;
    }}}}
    }


    $design "include/designs/".CURRENT_DESIGN."/";
    include(
    $design."design.top.inc.php");
    // Start of content


    if(isset($_SESSION['id'])) {
      echo 
    "<meta http-equiv='Refresh' content='0; url=https://website.com/'>
    "
    ;
    } else {
      include(
    $design."design.signup.inc.php");
    }


    // end of content
    include($design."design.bottom.inc.php");
    ?>
    logout.php
    PHP Code: 
    <?php
    session_start
    ();
    session_destroy();
    include(
    "include/config.inc.php");
    include(
    "include/classes/user.inc.php");
    $design "include/designs/".CURRENT_DESIGN."/";
    include(
    $design."design.top.inc.php");

      include(
    $design."design.login.inc.php");



    // end of content
    include($design."design.bottom.inc.php");
    ?>
    index.php
    PHP Code: 
    <?php
    session_start
    ();
    include(
    "include/config.inc.php");
    include(
    "include/classes/user.inc.php");
    if (isset(
    $_POST['submit'])) {

    $email htmlentities($_POST['email']);
    $pass htmlentities($_POST['password']);
    $password md5($pass);
    $user = New user;
    $login $user->login($email,$password);
    if (
    $login == "Login error") {
    echo 
    "wrong information";
    } Else {
    $_SESSION['id']= $login;
    }}


    $design "include/designs/".CURRENT_DESIGN."/";
    include(
    $design."design.top.inc.php");
    // Start of content


    if(isset($_SESSION['id'])) {
      include(
    $design."design.home.inc.php");
    } else {
      include(
    $design."design.login.inc.php");
    }


    // end of content
    include($design."design.bottom.inc.php");
    ?>
    design.home.inc.php
    PHP Code: 
    <?
    $user 
    = New user($_SESSION['id']);
    $result $user->userinfo;
    echo 
    $result->email."<br />";
    echo 
    $result->firstname."<br />";
    echo 
    $result->lastname."<br />";
    echo 
    $result->msn."<br />";
    echo 
    $result->aim."<br />";
    echo 
    $result->skype."<br />";
    unset(
    $user); 
    ?>
    design.login.inc.php
    PHP Code: 
    <div id="login_holder">
    <
    div class="login">
    <
    span class="title"><span>Login</span></span>
    <
    div class="content">

    <
    form action="" method="post">
    E-mail: <input type="email" name="email" /><br />
    Password: <input type="password" name="password" /><br />
    <
    input type="submit" name="submit" />

    </
    form>

    </
    div>
    </
    div>
    </
    div
    design.signup.inc.php
    PHP Code: 
    <div id="login_holder">
    <div class="login">
    <span class="title"><span>Signup</span></span>
    <div class="content">
    <? if ($error == "") {
    } else {
    echo  
    $error;
    }
    ?>
    <form action="" method="post">
    Firstname: <input type="text" name="fname" /><br />
    Lastname: <input type="text" name="lname" /><br />
    E-mail: <input type="email" name="email" /><br />
    Password: <input type="password" name="password" /><br />
    <input type="submit" name="submit" />

    </form>

    </div>
    </div>
    </div>
    The design.top.inc.php and design.bottom.inc.php is the html code of the website for all the pages.

    Lastly some tips this is what i use for my .htaccess
    Code: 
    #Start write engine
    RewriteEngine on
    #page 404 Page not found
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.+)$ 404.php
    
    #Hide index
    Options -Indexes
    I hope this can come in handy for a few people. If you find any security issues please tell me and i'll fix them.

    Regards,
    Jordan
    xifyhosting Reviewed by xifyhosting on . PHP PDO login system, user class. Also Includes a theming system {Source} Hello, Before you look at the source I would like to say a huge thank you to Bennett's (http://btreptow.com/) who is one of my developer/beta tester for Graft Development. He has imputed allot of his own work into script, and i cannot take credit for the input he has put into this himself. Secondly I would like to thank Brad for help testing the script at each stage. config.inc.php <?php define("MYSQL_HOST","localhost"); define("MYSQL_USER","username"); Rating: 5

  2.   Sponsored Links

  3.     
    #2
    Member
    Website's:
    Elite.SO Defendos.com Motionite.com
    Looks good mate

    Defendos BETA3 Released! Thread - Official Website

  4.     
    #3
    Member
    Looks sweet, nice post Jordan.

  5.     
    #4
    Member
    very useful.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. i want to add login system to my site...
    By Havis in forum Webmaster Discussion
    Replies: 5
    Last Post: 1st Aug 2012, 12:06 PM
  2. [Selling] jtLogin Secure Login System Nosql
    By safeservicejt in forum Marketplace (Buy, Sell and Trade)
    Replies: 0
    Last Post: 14th Apr 2012, 10:49 AM
  3. Common Login System
    By nairaweb in forum Web Development Area
    Replies: 8
    Last Post: 10th Apr 2012, 02:23 PM
  4. [Hiring] Need A Coder For User Login System
    By gopinath112 in forum Completed Transactions
    Replies: 2
    Last Post: 25th Aug 2011, 05:27 PM
  5. User Referrer system
    By Inevitable in forum vBulletin
    Replies: 1
    Last Post: 24th Apr 2009, 02:10 AM

Tags for this Thread

BE SOCIAL