Redirect to "members" page based on Login

cwazybrad

Hey everyone 🙂

I'm trying to develop this 'page' or 'small' website for a friend and I need some help. (Please be nice)

I am not sure if PHP is the right way to do this, but basically what I want is to have a website where a Member/User logs in, and that login will take them to there own "personalised" page, or HTML where they can download a file. This file will just be uploaded daily by the company.

I could be looking at up to about 100 members (and possibly growing) and each have there own unique code, email or password. (pref. just a Code and Passsword) - so I was thinking MYSQL and PHP, but wasn't sure.

Does any one know or could provide me to a starting point/tutorial? I know you can make a PHP login using Dreamweaver etc, but this is 'specific' to the User Login.

Would appreciate any help,

Thanks heaps.

roscor

Here is what is on this post

1/ create table code
2/ insert code
3/ form, can be used for insert code and select code but on separate pages
4/ select code

all PHP code should be place at the very start of each page before anything else including html

first create a table on your mysql database, here's how, in your text editor of choice, notepad, front-page, allycode etc, create a new php Page call it
create table.php

Put this into the page

<?php
//database connection info
    include("dbconnphp");

$conn = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database,$conn) or die(mysql_error());

// Create a MySQL table in the selected database setting three fields, id, username and password, the id is auto increment.
mysql_query("CREATE TABLE members(
id INT NOT NULL AUTO_INCREMENT, 
PRIMARY KEY(id),
 username VARCHAR(30), 
 password VARCHAR(30)")
 or die(mysql_error());  

echo "Table Created!";

?>

save the page then call the page by putting create table.php into the address bar. If there is an error you will see what is wrong because of die(mysql_error());
otherwise you will see Table Created because of the echo which is similar to print .

Insert Code

<?PHP session_start();//used when creating session enabled pages

//on send the form checks using following code
if($_POST['submit']=="send") {

//preg match checks characters in username text box and allows a to z and A to Z the 4 is the minimum number of characters. if the validation fails $error1 is envoked 
 if(preg_match('/^[a-z0-9_-]{4,}$/i', $_POST['username'])){
        $user = $_POST['username'];     

    }
        else {
        $error1 .= "<font face='Verdana' size='2' color='#FF0000'>Error: on Text box USERNAME, Do not use invalid characters ? < > . , - + = ~ # @ | \ / '' ' : ; { } [ ] * ^ ! etc.";
             }   

//same as above but checks password
  if(preg_match('/^[a-z0-9_-]{4,}$/i', $_POST['password'])){
// will send password to your database encrypted MD5, 
        $passw = md5($_POST['password']);
    }
        else {
        $error2 .= "<font face='Verdana' size='2' color='#FF0000'>Error: on Text Box PASSWORD, Do not use invalid characters ? < > . , - + = ~ # @ | \ / '' ' : ; { } [ ] * ^ ! etc.";
            }           

//database connection info
include("dbconnphp");

//connection to database which includes host, username and password, not to be confused with your form, 
$conn = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database,$conn) or die(mysql_error());


//if inserting data use a form similar to the one below useing the query INSERT
$query = "INSERT INTO members VALUES('','$user','$passw')";
mysql_query($query);

echo 'Member Registration Successful'
}

else {
echo 'Sorry Not Registed your details at this time, try again later'
         }
}

?>

You need to create two text boxes, usually username and password,

something like this,

The <?php echo $_SERVER['PHP_SELF']; ?> parses the page and checks any validation you have when the form is sent ("send"). Place this within the <body> tags of your page.

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" >  

<STRONG>Username:</STRONG>&nbsp;<INPUT TYPE="text" NAME="username" value="<? echo $user; ?>"><? $error1; ?><br><br>
<STRONG>Password:</STRONG>&nbsp;&nbsp;<INPUT TYPE="password" NAME="password" value="<? echo $passw; ?>"><? $error2; ?></p>
<P><input name="submit" type="submit" value="send">&nbsp;&nbsp;<input type="reset" name="reset">

</form>

Select Code

<?PHP session_start();//used when creating session enabled pages

//on send the form checks using following code
if($_POST['submit']=="send") {

//preg match checks characters in username text box and allows a to z and A to Z the 4 is the minimum number of characters. if the validation fails $error1 is envoked 
 if(preg_match('/^[a-z0-9_-]{4,}$/i', $_POST['username'])){
        $user = $_POST['username'];     

    }
        else {
        $error1 .= "<font face='Verdana' size='2' color='#FF0000'>Error: on Text box USERNAME, Do not use invalid characters ? < > . , - + = ~ # @ | \ / '' ' : ; { } [ ] * ^ ! etc.";
             }   

//same as above but checks password
  if(preg_match('/^[a-z0-9_-]{4,}$/i', $_POST['password'])){
// will send password to your database encrypted MD5, 
        $passw = md5($_POST['password']);
    }
        else {
        $error2 .= "<font face='Verdana' size='2' color='#FF0000'>Error: on Text Box PASSWORD, Do not use invalid characters ? < > . , - + = ~ # @ | \ / '' ' : ; { } [ ] * ^ ! etc.";
            }   


//database connection info
include("dbconnphp");

//connection to database which includes host, username and password, not to be confused with your form, 
$conn = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database,$conn) or die(mysql_error());

// select uses * which means everything from your table_name and checks both username and password
    $query="SELECT * FROM members WHERE  username ='$user' and password ='$passw'";
    $result = mysql_query($query) or die ("Could not run query.");

// always use two equals == which means equal to, in this case 1 which means the member must be on the database
 if (mysql_num_rows($result) == 1) {

$user = mysql_result($result,0, 'username');
$passw = mysql_result($result,0,"password");

//creates session valid user
$_SESSION['vuser']=$user;

//header redirects if all code is validated and a member is found
header("target page once validation is complete.php");
}
 else {
//if there is no member the page will die and a blank screen will display the message below
die('Not authorised Restricted Area');
}
  }
?>

on the target page to ensure you only have valid users add

<?PHP session_start();//needed on all session enabled pages or you session varible woill not be usable
if (empty($_SESSION['vuser'])){
 die('Not authorised Restricted Area');
}
else
{
rest of code
*
*
*
 finished with a curly bracket
}

a lot to take in,sorry about the structure of the post,

roscor

cwazybrad

Hi roscor

Thanks very much for this detailed information, it was extremely helpful, but this code you have given me - this doesn't look 'unique' to each user login.

Reading through it, it sounds like it directs 'all' users to the same page.

I dont want this,

What i'm trying to get is when each user logs into the site, they are directed to a different landing page (or 'home' page) based on the Login.

e.g.

John logs in and gets redirected to John.html
Mary logs in and gets redirected to Mary.html

etc,

I was thinking, if i create a mySQL database, and add a

user
password
redirect

I could put the redirect link/URL and then have the PHP redirect the user to that field or data.

Does this make sense?

halojoy

yesy
that is how you should do it.

In case of a successful username/password match in login
you have the users redirect page
and you can use

<?php

// username/password did match
// so set user logged_in, in session and eventual cookie
$_SESSION['logged_in'] = true;

// redirect to user startpage
header( 'location '.$redirect_page );

exit();
// login complete, we stop script with exit

?>