PHP/MySQLi Creating a Forum - Part 14 - User Login and User Levels Theory

Submitted by Yorkiebar on Thursday, January 23, 2014 - 10:50.
PHP/MySQLi Creating a Forum - Part 13 - Users & Registering Introduction: This tutorial will be continuing my series of creating a forum in PHP/MySQLi/HTML. This part will be covering logging in for users and running over the theory of user levels. Pre-creation: First you will need a host for your PHP, either a web host or localhost is fine but you will need PHP and MySQL(i) capabilities. Also, this will not be covering creating users, or styling the pages. For the purpose of using the logged in users username, we will be using $_SESSION['username']; from my login script, you can find that tutorial on my profile page. Obviously you will also need to go through all the previous parts of this tutorial series which can all be found on my profile tracking page. login.php: First we will create the HTML form for the users to login to their account through, I am going to do this on a new login.php page...
  3. </head>
  5. <form action='login.php' method='POST'>
  6.         <table>
  7.                 <tbody>
  8.                         <tr>
  9.                                 <td>Username: </td>
  10.                                 <td><input type='text' name='user' /></td>
  11.                         </tr>
  12.                         <tr>
  13.                                 <td>Password: </td>
  14.                                 <td><input type='password' name='pass' /></td>
  15.                         </tr>
  16.                         <tr>
  17.                                 <td></td>
  18.                                 <td><input type='submit' value='Log in' name='login' /></td>
  19.                         </tr>
  20.                 </tbody>
  21.         </table>
  22. </form>
  23. </body>
  24. </html>
Again, just like the register form; this will need a username and password to be entered by the user. The action of the form goes back to itself on login.php so that is where we are going to place our PHP processing code (at the top of the document). Login: To process the login information, we first want to check all the information is there and validate it. If it is all ok, we will stored the entered information in our local user and pass variables and then encrypt the password to MD5 (Since it is encrypted within our database and we need to compare the two strings later on) adn store the encrypted password in our passMD5 variable. Next, we check if the username exists, and if it does we get the password in that row of the users table for the user account (md5 encrypted already). Finally we compare the two password strings and send the user to forumTutorial.php if they have logged in successfully. We also output any necessary information.
  1. <?php
  3. $con = mysqli_connect('localhost', 'root', '', 'forumTutorial');
  4. if (isSet($_POST['login']) && isSet($_POST['user']) && isSet($_POST['pass']) && $_POST['user'] != '' && $_POST['pass'] != '') {
  5.         $pass = $_POST['pass'];
  6.         $passMD5 = md5($pass);
  7.         $user = $_POST['user'];
  8.         $q = mysqli_query($con, "SELECT * FROM `users` WHERE `username`='$user'");
  9.         if (mysqli_num_rows($q) > 0) {
  10.                 $info = mysqli_fetch_array($q);
  11.                 $storedPassword = $info['password'];
  12.                 if ($storedPassword == $passMD5) {
  13.                         $_SESSION['username'] = $user;
  14.                         header("Location:forumTutorial.php");
  15.                         exit();
  16.                         echo 'Logged in!';
  17.                 }else
  18.                         echo 'Password was incorrect. Please try again.';
  19.         }else
  20.                 echo 'That username was not found. Please try again.';
  21. }
  22. ?>
User Levels Theory: Before I begin on the theory of User Levels, I am not currently planning on implementing this in to our forum, however if it is requested by enough people, I will do so (if you want the tutorial for the user levels, let me know through Private Message or by replying to this thread). So, what are User Levels? A user level is a way of defining how important a single user account is. The levels can be in any data type (string, integer, double, boolean, etc.), for example; (Admin, Moderator, Uploader), (1, 2, 3), or (true, false) - true or false could just be used to determine who can edit threads. User levels are fairly important for a full forum because without it, no one would be able to moderate the forum. However, depending on how detailed the user levels are, it could be a long sub-series of this series of forum creation.
Tags
php
MYSQL
MySQLi
Creating
Forum
User
login
Level
Theory

Comments

Submitted by liam (not verified) on Mon, 06/29/2015 - 21:43

hey, when i enter the correct username and password from my database i still get incorrect password any ideas?

Add new comment

About text formats