# login and registration form script



## kelzr1987 (May 10, 2007)

I am making a website at the moment and i want to add a registration form and a login section for the website. Does anyone know of any good scripts?

Thanks


----------



## KoosHopeloos (Nov 3, 2004)

@ kelzr1987: I have no experience at all with this, but here are some links to scripts and tutorials. to get you started. Notice that some are older and perhaps need updating to current safety standards.
Link 1
Link 2
Link 3
Link 4
Link 5
Link 6


----------



## Redcore (Aug 14, 2007)

When I got started in this, I used the About.com resource (link 6 above). It wasn't to my exact liking, so I ended up taking their script and simplifying it. By now I've done countless login systems...honestly they're not as difficult as one might think. For the registration, you're going to have to store all of the user information in a database (you probably have MySQL with your hosting) and the login just needs to store a cookie with their username, user ID, and maybe even their authorization level (like 1 would be the administrator, 2 would be a moderator, and 3 would be a registered user). Here's an example of storing cookies:

*STORING A COOKIE:*

```
<?
$hour = time() + 3600*4;
$userid = "1";
$username = "redcore";
$access = "1";

setcookie("userid", $userid, $hour, "/", "yourdomain.com", 0);
setcookie("username", $username, $hour, "/", "yourdomain.com", 0); 
setcookie("access", $access, $hour, "/", "yourdomain.com", 0);
?>
```
Obviously you'd want to verify the posted variables the user sent from the login form with the database information and if that all checks out THEN you would set the cookie. If you're unclear what each entry in "setcookie" means, here's an explanation:


```
<? setcookie("name", "value", "expire", "path", "domain", "secure"); ?>
```
*Name* - Name you give the cookie. Make it unique. If your site is "PenguinGiftBags.com" you might want to make it something like "PGB_username" and so on.
*Value* - What you want to store. If this is storing the username, it would be storing something like "redcore" (if this was a cookie stored on my computer).
*Expire* - The time you give it to expire. I usually tack on a few hours. It's not that hard to log into a site once in awhile when there is sensitive information being accessed.
*Path* - The server path the cookie has availability on. "/" is the default path and will allow the cookie to be used anywhere on your server.
*Domain* - What domain the cookie is available to.
*Secure* - Whether or not the cookie should only be used through a secure transmission, aka HTTPS. Chances are good you won't.
_*httponly* - I did not include this in the above examples because it's a fairly new addition (php version 5.2.0 +), but it would only allow the cookie to be used through the http transfer protocol and prevent malicious codes/scripts trying to steal the cookie's value._

Each page you want to make private just has to check if there is a cookie (when a cookie meets the expiration time, they automatically delete from the user's system) and verify that their cookie is correct. Here is an example:

*CHECK IF THERE IS A COOKIE:*

```
<? if(!isset($_COOKIE['yoursitecookie_username'])){die("You are not logged in.");} ?>
```
This just says "if there is no cookie set, then kill the page" but if they're logged in, it continues loading the rest of the page.

*CHECK IF THEY HAVE AUTHORIZATION TO VIEW THE PAGE:*

```
<? if($_COOKIE['yoursitecookie_level']!='1'){die("You don't have sufficient access to view this page."); ?>
```
So if you made "1" as the administrator in your site's settings and wanted to make this page only viewable to administrators - this basically says "if their cookie does not equal '1' then kill the page"

Both of these examples would be at the TOP of the pages that way nothing below them (the private data/information) can execute without them being allowed access. There are multiple ways of doing this stuff...killing off the page is just the most basic way. When you've developed your skills/code library, you can always make it as nifty and complicated as you want.

This is probably plenty of information for you to take in and absorb for now...let us know if you need any help down the road via posting in this thread


----------



## inneedofhelpnow (Oct 5, 2011)

I am still very clueless to what you have suggested, is there an easier way of explaining it for me. I am very new to this, and dumb to all of the tech talk...please help!


----------



## wmorri (May 29, 2008)

This is really old. This thread is closed!


----------

