
Simple signup/ login example by Miro Balearski

a guest
Feb 4th, 2019
  1. <?php
  2.  
  3. /****
  4. Db schema
  5.  
  6. create table users (id int(10) not null primary key auto_increment,
  7.                    username varchar(255) not null unique,
  8.                    password varchar(255) not null,
  9.                    email varchar(255) not null default '');
  10.  
  11. ****/                  
  12.                    
  13.                    
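  /**
   * Return the MySQL connection used by this script.
   *
   * The handle is opened on first use and then reused for the rest of the
   * request, so a caller that escapes a value and then runs a query does both
   * on the same connection instead of opening a new one per call.
   *
   * NOTE(review): host, account, password and schema name are sample values
   * hard-coded in the source. A deployment should load them from
   * configuration kept outside the web root and outside version control.
   *
   * @return mysqli|false The value mysqli_connect() produced; false when the
   *                      connection failed and mysqli is not set to throw.
   */
  function get_dblink(){

      static $link = null;

      if ($link === null || $link === false) {
          $link = mysqli_connect("localhost","db_username","db_password","db_name");

          if ($link) {
              // mysqli_real_escape_string() escapes according to the connection
              // character set, so set it explicitly rather than inheriting
              // whatever the server default happens to be.
              mysqli_set_charset($link, "utf8mb4");
          }
      }

      return $link;
  }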
  18.  
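  /**
   * Print the registration form.
   *
   * The form posts back to the current URL with action=register. The field
   * names (username, pass, pass2) are the ones the POST handler reads.
   * Fixes the misspelled labels and the submit button, which said "Login".
   *
   * NOTE(review): the form carries no anti-CSRF token and nothing visible in
   * this file verifies one on submit.
   */
  function register_form(){?>
      <form method="post" >
          Username :<input type = "text" name="username">
          Password: <input type = "password" name="pass">
          Retype Password:<input type = "password" name="pass2">
          <input type="hidden" name="action" value="register">
          <input type="submit" value="Register">
      </form>
      <?php
  }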
  29.  
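  /**
   * Print the login form.
   *
   * The form posts back to the current URL with action=login and the fields
   * username and pass. Fixes the misspelled password label.
   *
   * NOTE(review): the form carries no anti-CSRF token and nothing visible in
   * this file verifies one on submit.
   */
  function login_form(){

      ?>
      <form method="post">
          Username :<input type = "text" name="username">
          Password: <input type = "password" name="pass">
          <input type="hidden" name="action" value="login">
          <input type="submit" value="Login">
      </form>
      <?php
  }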
  41.  
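  /**
   * Print the logout form for the given user.
   *
   * The name is HTML-escaped before it is written into the page. The value
   * comes from the session, which login_user() fills from the submitted
   * username, so it is treated as untrusted text here.
   *
   * NOTE(review): the form carries no anti-CSRF token, so another site can
   * submit it on the visitor's behalf and end the session.
   *
   * @param string $username Name shown next to the logout button.
   */
  function logout_form($username){ ?>
      <form method="post">
          <input type="hidden" name="action" value="logout">
          Logout <?=htmlspecialchars((string)$username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')?> <input type="submit" value="Logout">
      </form>
      <?php
  }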
  49.  
  50.  
  51. /**************************************************************/
  52.  
  53.  
  54. #Validators :
  55.  
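  /**
   * Accept a username made only of ASCII letters and digits, 5 or more long.
   *
   * The pattern is anchored with \z instead of `$`: `$` also matches just
   * before a trailing newline, which would let "abcde\n" through and into
   * the users table. Non-scalar input (for example an array from a
   * `username[]=` POST field) is rejected with the same exception instead of
   * reaching preg_match().
   *
   * NOTE(review): there is no upper bound here, while the schema comment at
   * the top of the file declares username as varchar(255).
   *
   * @param mixed $username Submitted username.
   * @return bool Always true when the value is accepted.
   * @throws Exception When the value does not match the rule.
   */
  function validate_username($username){

      if (is_scalar($username) && preg_match('/^[a-zA-Z0-9]{5,}\z/', (string)$username)) {
          return true;
      }

      throw new Exception("The username should contain a-zA-Z0-9 and should be long 5 chars or more ") ;
  }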
  64.  
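  /**
   * Accept a password made only of ASCII letters and digits, 5 or more long.
   *
   * The pattern is anchored with \z instead of `$`, because `$` also matches
   * just before a trailing newline. Non-scalar input (an array from a
   * `pass[]=` POST field) is rejected with the same exception instead of
   * reaching preg_match().
   *
   * NOTE(review): the rule forbids every character outside a-zA-Z0-9 and
   * allows 5-character passwords. A longer minimum and a wider character set
   * would make guessing harder. add_user_to_the_database() hashes with
   * PASSWORD_BCRYPT, which only uses the first 72 bytes of the password.
   *
   * @param mixed $pass Submitted password.
   * @return bool Always true when the value is accepted.
   * @throws Exception When the value does not match the rule.
   */
  function validate_password($pass){

      if (is_scalar($pass) && preg_match('/^[a-zA-Z0-9]{5,}\z/', (string)$pass)) {
          return true;
      }

      throw new Exception("The password should contain a-zA-Z0-9 and should be long 5 chars or more ");
  }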
  /**
   * Reject a password that is identical to the username.
   *
   * The check is a strict (===) comparison, so values that differ only in
   * letter case are treated as different.
   *
   * @param mixed $pass     Submitted password.
   * @param mixed $username Submitted username.
   * @return bool Always true when the two values differ.
   * @throws Exception When the password equals the username.
   */
  function validate_password_dont_match_the_username($pass, $username){

      $is_same = ($pass === $username);

      if (!$is_same) {
          return true;
      }

      throw new Exception("The password can not be the same as the username");
  }
  81.  
  /**
   * Check that the password and its confirmation are identical.
   *
   * @param mixed $pass  Password field.
   * @param mixed $pass2 "Retype password" field.
   * @return bool Always true when both values are strictly equal.
   * @throws Exception When the two values differ.
   */
  function validate_registration_passwords_match($pass, $pass2){

      if ($pass !== $pass2) {
          throw new Exception("The passwords don't match");
      }

      return true;
  }
  89.  
  90.  
  91. # DB functions ################################################
  92.  
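  /**
   * Check a username/password pair against the users table.
   *
   * The lookup uses a prepared statement on a single connection. The original
   * escaped the value on one connection and ran the query on another, and
   * passed a missing row straight to password_verify(). An unknown user, a
   * failed query or non-string input now all return false.
   *
   * NOTE(review): nothing in this file limits repeated attempts, and an
   * unknown username returns without running the bcrypt comparison, so the
   * two failure cases take different amounts of time.
   *
   * @param mixed $username Submitted username.
   * @param mixed $password Submitted clear-text password.
   * @return bool True only when the user exists and the password matches the
   *              stored hash.
   */
  function authenticate_user($username, $password){

      // Array-valued POST fields (username[]=...) must not reach the driver
      // or password_verify().
      if (!is_string($username) || !is_string($password)) {
          return false;
      }

      $dblink = get_dblink();
      if (!$dblink) {
          return false;
      }

      $stmt = mysqli_prepare($dblink, "select password from users where username = ?");
      if (!$stmt) {
          return false;
      }

      $stored_hash = null;
      mysqli_stmt_bind_param($stmt, "s", $username);

      // mysqli_stmt_fetch() returns true for a row, null when there is none
      // and false on error, so only a strict true counts as "found".
      $found = mysqli_stmt_execute($stmt)
          && mysqli_stmt_bind_result($stmt, $stored_hash)
          && mysqli_stmt_fetch($stmt) === true;

      mysqli_stmt_close($stmt);

      if (!$found || !is_string($stored_hash)) {
          return false;
      }

      return password_verify($password, $stored_hash);
  }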
  103.  
  104. # Register user
  105.  
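  /**
   * Insert a new user row with a bcrypt hash of the password.
   *
   * The insert is a prepared statement on a single connection. The driver's
   * error text is written to the PHP error log and not put in the exception,
   * because register_user() prints the exception message into the page. A
   * duplicate username (MySQL error 1062 on the unique column) gets its own
   * message so the visitor can pick another name.
   *
   * @param string $username Already validated username.
   * @param string $pass     Already validated clear-text password.
   * @return void
   * @throws Exception When the row could not be inserted.
   */
  function add_user_to_the_database($username,$pass){

      $generic_error = "Error inserting into the DB ";

      $dblink=get_dblink();
      if (!$dblink) {
          throw new Exception($generic_error);
      }

      $hashed_pass = password_hash($pass, PASSWORD_BCRYPT);

      $inserted = false;
      $errno = 0;
      $detail = "";

      try {
          $stmt = mysqli_prepare($dblink, "insert into users(username, password) values (?, ?)");

          if ($stmt) {
              mysqli_stmt_bind_param($stmt, "ss", $username, $hashed_pass);
              $inserted = mysqli_stmt_execute($stmt);

              if (!$inserted) {
                  // Read the error before closing the statement.
                  $errno = mysqli_stmt_errno($stmt);
                  $detail = mysqli_stmt_error($stmt);
              }
              mysqli_stmt_close($stmt);
          } else {
              $errno = mysqli_errno($dblink);
              $detail = mysqli_error($dblink);
          }
      } catch (mysqli_sql_exception $e) {
          // mysqli throws instead of returning false when its report mode asks
          // for exceptions; treat it like any other failed insert.
          $inserted = false;
          $errno = $e->getCode();
          $detail = $e->getMessage();
      }

      if ($inserted) {
          return;
      }

      if ((int)$errno === 1062) {
          throw new Exception("The username is already taken");
      }

      error_log("users insert failed (" . $errno . "): " . $detail);
      throw new Exception($generic_error);
  }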
  119.  
  120.  
  121.  
  122.  
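  /**
   * Validate a registration request, create the user and log them in.
   *
   * Each validator throws on the first rule that fails. The message is
   * printed into the page, HTML-escaped, because exception text raised
   * further down the call chain is not guaranteed to be free of markup.
   *
   * @param mixed $username Submitted username.
   * @param mixed $pass     Submitted password.
   * @param mixed $pass2    Submitted password confirmation.
   * @return void
   */
  function register_user($username, $pass, $pass2){

      try{
          validate_username($username);
          validate_password_dont_match_the_username($pass,$username);
          validate_password($pass);
          validate_registration_passwords_match($pass, $pass2);

              # and finally
          add_user_to_the_database($username,$pass);

              # todo email validation
              # or
              # automatically login the new user;

          login_user($username, $pass);

      } catch (Exception $e){

          $message = htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
          print_r("<div style='color:red'>".$message."</div>");
      }
  }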
  145.  
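  /**
   * Look up the numeric id of a user by name.
   *
   * The lookup uses a prepared statement on a single connection. A missing
   * user, a failed query or non-string input returns null, where the original
   * indexed into a missing row.
   *
   * @param mixed $username Username to look up.
   * @return string|null The id as a string (as the original query returned
   *                     it), or null when there is no such user.
   */
  function get_user_id_by_username($username){

      if (!is_string($username)) {
          return null;
      }

      $dblink = get_dblink();
      if (!$dblink) {
          return null;
      }

      $stmt = mysqli_prepare($dblink, "select id from users where username = ?");
      if (!$stmt) {
          return null;
      }

      $id = null;
      mysqli_stmt_bind_param($stmt, "s", $username);

      // Only a strict true from mysqli_stmt_fetch() means a row was read.
      $found = mysqli_stmt_execute($stmt)
          && mysqli_stmt_bind_result($stmt, $id)
          && mysqli_stmt_fetch($stmt) === true;

      mysqli_stmt_close($stmt);

      return ($found && $id !== null) ? (string)$id : null;
  }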
  154.  
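  /**
   * Authenticate the credentials and, on success, mark the session logged in.
   *
   * The session id is replaced before the identity is stored, so an id that
   * was known to someone else before the login does not carry over into the
   * authenticated session (session fixation). Nothing is written to the
   * session when authentication fails.
   *
   * @param mixed $username Submitted username.
   * @param mixed $password Submitted clear-text password.
   * @return void
   */
  function login_user($username, $password){

      if (!authenticate_user($username, $password)) {
          return;
      }

      if (session_status() === PHP_SESSION_ACTIVE) {
          // true = also delete the old session record.
          session_regenerate_id(true);
      }

      $_SESSION['valid_user_id'] = get_user_id_by_username($username);
      $_SESSION['username']=$username;
  }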
  163.  
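  /**
   * Return the id of the logged-in user, or null when nobody is logged in.
   *
   * Reads $_SESSION['valid_user_id'] and tolerates the key being absent,
   * which is the normal state for a visitor who has not logged in. The
   * original read the key unconditionally and raised a notice in that case.
   *
   * @return mixed|null The stored user id, or null.
   */
  function loggedin_user(){
      return isset($_SESSION['valid_user_id']) ? $_SESSION['valid_user_id'] : null;
  }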
  167.  
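  /**
   * End the current login.
   *
   * session_destroy() deletes the stored session data but leaves $_SESSION
   * populated for the rest of the request, so the page rendered right after
   * a logout POST would still treat the visitor as logged in. The array is
   * therefore emptied first, the session cookie is expired when headers can
   * still be sent, and only then is the stored session destroyed.
   *
   * @return void
   */
  function logout_user(){

      $_SESSION = array();

      if (session_status() !== PHP_SESSION_ACTIVE) {
          return;
      }

      if (ini_get('session.use_cookies') && !headers_sent()) {
          $cookie = session_get_cookie_params();
          setcookie(
              session_name(),
              '',
              time() - 42000,
              $cookie['path'],
              $cookie['domain'],
              $cookie['secure'],
              $cookie['httponly']
          );
      }

      session_destroy();
  }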
  171.  
  172. /***************************************************/
  173.  
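  # Refuse session ids the server did not issue and keep the session cookie
  # out of reach of page scripts. Both settings must be in place before the
  # session starts.
  # NOTE(review): when the site is served over HTTPS, session.cookie_secure
  # should be enabled as well.
  ini_set('session.use_strict_mode', '1');
  ini_set('session.cookie_httponly', '1');
  session_start();

  # handle http post requests
  #
  # Every field is read defensively: a missing field or an array-valued one
  # (username[]=...) becomes an empty string, which the validators and the
  # login check then reject.
  #
  # NOTE(review): no anti-CSRF token is checked before acting on the request,
  # so login, logout and register can all be triggered from another site.

  $post_fields = array();
  foreach (array('action', 'username', 'pass', 'pass2') as $field_name) {
      $post_fields[$field_name] =
          (isset($_POST[$field_name]) && is_string($_POST[$field_name]))
              ? $_POST[$field_name]
              : '';
  }

  switch ($post_fields['action']) {

      case "login":
          login_user($post_fields['username'], $post_fields['pass']);
          break;

      case "logout":
          logout_user();
          break;

      case "register":
          register_user($post_fields['username'], $post_fields['pass'], $post_fields['pass2']);
          break;
  }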
  191.  
  192. # application
  193.  
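  # Visitors without a login get the two forms and nothing else.
  if(!loggedin_user()){

      # show_some_content_for_NOT_logged_in_users_here();

      echo "<h1>You are not logged in. Please Login or Register</h1>";
      echo "<br><H2>Register:</H2>";

      register_form();

      echo "<br><H2>Login:</H2>";
      login_form();

      # not registered users experience stops here
      exit(0);
  }



  # This content will be available only for logged in users

  # The session username is the text the visitor typed at login, so it is
  # HTML-escaped before being written into the heading.
  $session_username = isset($_SESSION['username']) ? (string)$_SESSION['username'] : '';
  $shown_username = htmlspecialchars($session_username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

  echo "<h1>You are logged in as \"$shown_username\" </h1>";
  logout_form($session_username);

  # show_content_for_logged_in_users_only();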