Social Networking Site: Improving of Login System using Advance PHP

Submitted by: 
Language: 
Visitors have accessed this post 1436 times.

In this tutorial, we will focus on how to improve our PHP code in more dynamic ways using Object Oriented Programming. To start with this application, open first our web directories then look for the index.php file and make a copy of it, and name the old “index.php” into” index_basic.php”.
Then inside the includes folder, look for the “member.php” and open it because we’re going to add another static function that will be used during the user authentication. And I will name this function as “AuthenticateMember”, and this function will accept an argument such as email address and user password. And here’s the following code:

  1. static function AuthenticateMember($email="", $h_upass=""){
  2. global $mydb;
  3. $res=$mydb->setQuery("SELECT * FROM `user_info` WHERE `email`='" . $email . "' and `pword`='" . $h_upass ."' LIMIT 1");
  4. $found_user = $mydb->loadSingleResult();
  5. $_SESSION['member_id'] = $found_user->member_id;
  6. $_SESSION['fName'] = $found_user->fName;
  7. $_SESSION['lName'] = $found_user->lName;
  8. $_SESSION['email'] = $found_user->email;
  9. $_SESSION['pword'] = $found_user->pword;
  10. $_SESSION['mm'] = $found_user->mm;
  11. $_SESSION['dd'] = $found_user->dd;
  12. $_SESSION['yy'] = $found_user->yy;
  13. $_SESSION['gender'] = $found_user->gender;
  14. return $found_user;
  15. }

The code above will accept a two parameter based on the user input and will be passed into a query. Then, since we’re using an Object-Oriented programming, the result is an object not an array. Then all the results will be stored in our session variables. And finally, the result will return to true.
And here’s the whole code for “member.php”.

  1. <?php
  2. /**
  3. * Description: This is a class for member.
  4. * Author: Joken Villanueva
  5. * Date Created: Nov. 2, 2013
  6. * Revised By:
  7. */
  8. require_once(LIB_PATH.DS.'database.php');
  9. class member {
  10.  
  11. protected static $tbl_name = "user_info";
  12. function db_fields(){
  13. global $mydb;
  14. return $mydb->getFieldsOnOneTable(self::$tbl_name);
  15. }
  16. function listOfmembers(){
  17. global $mydb;
  18. $mydb->setQuery("Select * from ".self::$tbl_name);
  19. $cur = $mydb->loadResultList();
  20. return $cur;
  21.  
  22. }
  23. static function AuthenticateMember($email="", $h_upass=""){
  24. global $mydb;
  25. $res=$mydb->setQuery("SELECT * FROM `user_info` WHERE `email`='" . $email . "' and `pword`='" . $h_upass ."' LIMIT 1");
  26. $found_user = $mydb->loadSingleResult();
  27. $_SESSION['member_id'] = $found_user->member_id;
  28. $_SESSION['fName'] = $found_user->fName;
  29. $_SESSION['lName'] = $found_user->lName;
  30. $_SESSION['email'] = $found_user->email;
  31. $_SESSION['pword'] = $found_user->pword;
  32. $_SESSION['mm'] = $found_user->mm;
  33. $_SESSION['dd'] = $found_user->dd;
  34. $_SESSION['yy'] = $found_user->yy;
  35. $_SESSION['gender'] = $found_user->gender;
  36. return $found_user;
  37. }
  38. static function bPrimary($id=0){
  39. global $mydb;
  40. $mydb->setQuery("SELECT * FROM ".self::$tbl_name." WHERE auto_id={$id} LIMIT 1");
  41. $row = $mydb->loadSingleResult();
  42. $s = $row->autostart + $row->incval;
  43. $a = $row->appenchar;
  44. return $a.$s;
  45. }
  46. static function bPrimaryUpdate($id=0){
  47. global $mydb;
  48. $mydb->setQuery("SELECT * FROM ".self::$tbl_name." WHERE auto_id={$id} LIMIT 1");
  49. $row = $mydb->loadSingleResult();
  50. $s = $row->autostart + $row->incval;
  51.  
  52. return $s;
  53. }
  54. /*---Instantiation of Object dynamically---*/
  55. static function instantiate($record) {
  56. $object = new self;
  57.  
  58. foreach($record as $attribute=>$value){
  59. if($object->has_attribute($attribute)) {
  60. $object->$attribute = $value;
  61. }
  62. }
  63. return $object;
  64. }
  65.  
  66.  
  67. /*--Cleaning the raw data before submitting to Database--*/
  68. private function has_attribute($attribute) {
  69. // We don't care about the value, we just want to know if the key exists
  70. // Will return true or false
  71. return array_key_exists($attribute, $this->attributes());
  72. }
  73.  
  74. protected function attributes() {
  75. // return an array of attribute names and their values
  76. global $mydb;
  77. $attributes = array();
  78. foreach($this->db_fields() as $field) {
  79. if(property_exists($this, $field)) {
  80. $attributes[$field] = $this->$field;
  81. }
  82. }
  83. return $attributes;
  84. }
  85.  
  86. protected function sanitized_attributes() {
  87. global $mydb;
  88. $clean_attributes = array();
  89. // sanitize the values before submitting
  90. // Note: does not alter the actual value of each attribute
  91. foreach($this->attributes() as $key => $value){
  92. $clean_attributes[$key] = $mydb->escape_value($value);
  93. }
  94. return $clean_attributes;
  95. }
  96.  
  97.  
  98. /*--Create,Update and Delete methods--*/
  99. public function save() {
  100. // A new record won't have an id yet.
  101. return isset($this->id) ? $this->update() : $this->create();
  102. }
  103.  
  104. public function create() {
  105. global $mydb;
  106. // Don't forget your SQL syntax and good habits:
  107. // - INSERT INTO table (key, key) VALUES ('value', 'value')
  108. // - single-quotes around all values
  109. // - escape all values to prevent SQL injection
  110. $attributes = $this->sanitized_attributes();
  111. $sql = "INSERT INTO ".self::$tbl_name." (";
  112. $sql .= join(", ", array_keys($attributes));
  113. $sql .= ") VALUES ('";
  114. $sql .= join("', '", array_values($attributes));
  115. $sql .= "')";
  116. echo $mydb->setQuery($sql);
  117.  
  118. if($mydb->executeQuery()) {
  119. $this->id = $mydb->insert_id();
  120. return true;
  121. } else {
  122. return false;
  123. }
  124. }
  125.  
  126. public function update($id=0) {
  127. global $mydb;
  128. $attributes = $this->sanitized_attributes();
  129. $attribute_pairs = array();
  130. foreach($attributes as $key => $value) {
  131. $attribute_pairs[] = "{$key}='{$value}'";
  132. }
  133. $sql = "UPDATE ".self::$tbl_name." SET ";
  134. $sql .= join(", ", $attribute_pairs);
  135. $sql .= " WHERE auto_id=". $id;
  136. $mydb->setQuery($sql);
  137. if(!$mydb->executeQuery()) return false;
  138.  
  139. }
  140.  
  141. public function delete($id=0) {
  142. global $mydb;
  143. $sql = "DELETE FROM ".self::$tbl_name;
  144. $sql .= " WHERE auto_id=". $id;
  145. $sql .= " LIMIT 1 ";
  146. $mydb->setQuery($sql);
  147.  
  148. if(!$mydb->executeQuery()) return false;
  149.  
  150. }
  151.  
  152. }
  153. ?>

This time, let’s make use of our "member" class for user login. To do this, open the "index.php" file. And between the end of the head and start of the body tag, change all the code to this new bit of code:

  1. <?php
  2. if (isset($_POST['btnlogin'])) {
  3. //form has been submitted1
  4.  
  5. $email = trim($_POST['log_email']);
  6. $upass = trim($_POST['log_pword']);
  7.  
  8. $h_upass = sha1($upass);
  9. //check if the email and password is equal to nothing or null then it will show message box
  10. if ($email == '') {
  11. ?> <script type="text/javascript">
  12. alert("Username or Password Not Registered! Contact Your administrator.");
  13. </script>
  14. <?php
  15.  
  16. } elseif ($upass == '') {
  17. ?> <script type="text/javascript">
  18. alert("Username or Password Not Registered! Contact Your administrator.");
  19. </script>
  20. <?php
  21. } else {
  22. //it creates a new objects of member
  23. $member = new member();
  24. //Make use of the static function, and we passed two parameters
  25. $res = $member::AuthenticateMember($email, $h_upass);
  26. //then it check if the function return to true
  27. if ($res == true) {
  28. ?> <script type="text/javascript">
  29. //then it will be redirected to home.php
  30. window.location = "home.php";
  31. </script>
  32. <?php
  33.  
  34.  
  35. } else {
  36. ?> <script type="text/javascript">
  37. alert("Username or Password Not Registered! Contact Your administrator.");
  38. window.location = "home.php";
  39. </script>
  40. <?php
  41. }
  42.  
  43. }
  44. } else {
  45.  
  46. $email = "";
  47. $upass = "";
  48.  
  49. }
  50.  
  51. ?>

And on the “home.php”, the “Logout" menu is found under the “Account” menu.And it look like as shown below:
logout
And this time, we're going to create a new PHP file named “logout.php” and add the following code:

  1. <?php
  2. // Four steps to closing a session
  3. // (i.e. logging out)
  4.  
  5. // 1. Find the session
  6.  
  7. // 2. Unset all the session variables
  8. $_SESSION = array();
  9.  
  10. // 3. Destroy the session cookie
  11. if(isset($_COOKIE[session_name()])) {
  12. setcookie(session_name(), '', time()-42000, '/');
  13. }
  14.  
  15. // 4. Destroy the session
  16. <script type="text/javascript">
  17. window.location = "index.php?logout=1";
  18. </script>
  19. <?php
  20. ?>

And here's all the code for "index.php" file.

  1. <?php
  2. require_once("includes/initialize.php");
  3. ?>
  4. <!DOCTYPE html>
  5.  
  6. <html lang="en">
  7. <head>
  8. <meta charset="utf-8">
  9. <meta content="width=device-width, initial-scale=1.0" name="viewport">
  10. <meta content="" name="description">
  11. <meta content="" name="author">
  12. <link href="#" rel="shortcut icon">
  13.  
  14. <title>Philsocial</title><!-- Bootstrap core CSS -->
  15. <link href="css/bootstrap.css" rel="stylesheet"><!-- Custom styles for this template -->
  16. <link href="jumbotron.css" rel="stylesheet">
  17. <script type="text/javascript" src="js/registrationformValidation.js"> </script>
  18. <?php
  19. if (logged_in()) {
  20. ?>
  21. <script type="text/javascript">
  22. window.location = "home.php";
  23. </script>
  24. <?php
  25. }
  26.  
  27. ?>
  28. </head>
  29. <?php
  30. if (isset($_POST['btnlogin'])) {
  31. //form has been submitted1
  32.  
  33. $email = trim($_POST['log_email']);
  34. $upass = trim($_POST['log_pword']);
  35.  
  36. $h_upass = sha1($upass);
  37. //check if the email and password is equal to nothing or null then it will show message box
  38. if ($email == '') {
  39. ?> <script type="text/javascript">
  40. alert("Username or Password Not Registered! Contact Your administrator.");
  41. </script>
  42. <?php
  43.  
  44. } elseif ($upass == '') {
  45. ?> <script type="text/javascript">
  46. alert("Username or Password Not Registered! Contact Your administrator.");
  47. </script>
  48. <?php
  49. } else {
  50. //it creates a new objects of member
  51. $member = new member();
  52. //make use of the static function, and we passed to parameters
  53. $res = $member::AuthenticateMember($email, $h_upass);
  54. //then it check if the function return to true
  55. if($res == true){
  56. ?> <script type="text/javascript">
  57. //then it will be redirected to home.php
  58. window.location = "home.php";
  59. </script>
  60. <?php
  61.  
  62.  
  63. } else {
  64. ?> <script type="text/javascript">
  65. alert("Username or Password Not Registered! Contact Your administrator.");
  66. window.location = "home.php";
  67. </script>
  68. <?php
  69. }
  70.  
  71. }
  72. } else {
  73.  
  74. $email = "";
  75. $upass = "";
  76.  
  77. }
  78.  
  79. ?>
  80. <body>
  81. <div class="navbar navbar-inverse navbar-fixed-top">
  82. <div class="container">
  83. <div class="navbar-header">
  84. <button class="navbar-toggle" data-target=".navbar-collapse" data-toggle="collapse" type=
  85. "button"><span class="icon-bar"></span> <span class="icon-bar"></span> <span class=
  86. "icon-bar"></span></button> <a class="navbar-brand" href="#" style=
  87. "font-weight: bold">Philsocial</a>
  88. </div>
  89.  
  90. <div class="navbar-collapse collapse">
  91. <form class="navbar-form navbar-right" method="POST" action="index.php">
  92. <div class="form-group">
  93. <input type="text" placeholder="Email" class="form-control" name="log_email">
  94. </div>
  95. <div class="form-group">
  96. <input type="password" placeholder="Password" class="form-control" name="log_pword">
  97. </div>
  98. <button type="submit" class="btn btn-success" name="btnlogin">Sign in</button>
  99. </form>
  100. </div><!--/.navbar-collapse -->
  101. </div>
  102. </div><!-- Main jumbotron for a primary marketing message or call to action -->
  103.  
  104.  
  105. <div class="container">
  106. <div class="rows">
  107. <div class="col-xs-6">
  108. <h3>Philsocial helps you connected and share with the other people in your
  109. life</h3><img src="img/background.png" width="500px"></div>
  110.  
  111. <div class="col-xs-6">
  112. <!--action="register.php" onsubmit="return checkRegistration();"-->
  113. <form action="register.php" class="form-horizontal" id="register" method="post" onSubmit="return checkRegistration();" >
  114. <fieldset>
  115. <legend>Sign Up</legend>
  116.  
  117. <h4>It’s free and always will be.</h4>
  118.  
  119. <div class="rows">
  120. <div class="col-xs-12">
  121. <div class="form-group">
  122. <div class="rows">
  123. <div class="col-md-12">
  124. <div class="col-lg-6" id="divfname">
  125. <input class="form-control input-lg" id="fName" name="fName" placeholder=
  126. "First Name" type="text" >
  127. </div>
  128.  
  129. <div class="col-lg-6">
  130. <input class="form-control input-lg" id="lName" name="lName" placeholder=
  131. "Last Name" type="text">
  132. </div>
  133. </div>
  134. </div>
  135. </div>
  136.  
  137. <div class="form-group" id="divemail">
  138. <div class="rows">
  139. <div class="col-md-12">
  140. <div class="col-lg-12">
  141. <input class="form-control input-lg" id="email" name="email"
  142. placeholder="Your Email" type="text" onblur="checkEmail();">
  143. </div>
  144. </div>
  145. </div>
  146. </div>
  147.  
  148. <div class="form-group" id="divremail">
  149. <div class="rows">
  150. <div class="col-md-12">
  151. <div class="col-lg-12">
  152. <input class="form-control input-lg" id="reemail" name="reemail"
  153. placeholder="Re-enter Email" type="text" onblur="checkEmail2();">
  154. </div>
  155. </div>
  156. </div>
  157. </div>
  158.  
  159. <div class="form-group" id="divpass">
  160. <div class="rows">
  161. <div class="col-md-12">
  162. <div class="col-lg-12">
  163. <input class="form-control input-lg" id="password" name="password"
  164. placeholder="New Password" type="password">
  165. </div>
  166. </div>
  167. </div>
  168. </div>
  169.  
  170. <div class="form-inline">
  171. <div class="rows">
  172. <div class="col-md-12">
  173. <div class="col-md-3">
  174. <label>Birthday</label>
  175. </div>
  176.  
  177. <div class="col-lg-3">
  178. <select class="form-control input-sm" name="month" id="month">
  179.  
  180. <option value="">Month</option>
  181. <?php
  182. $m = array("Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec");
  183. foreach ($m as $month) {
  184. echo '<option value='.$month.'>'.$month.'</option>';
  185. }
  186. ?>
  187. </select>
  188. </div>
  189.  
  190. <div class="col-lg-3">
  191. <select class="form-control input-sm" name="day" id="day">
  192.  
  193. <option value="">Day</option>
  194. <?php
  195. $d = range(31, 1);
  196. foreach ($d as $day) {
  197. echo '<option value='.$day.'>'.$day.'</option>';
  198. }
  199.  
  200. ?>
  201. </select>
  202. </div>
  203.  
  204. <div class="col-lg-3">
  205. <select class="form-control input-sm" name="yr" id="yr">
  206. <option value="">Year</option>
  207. <?php
  208. $years = range(2010, 1900);
  209. foreach ($years as $yr) {
  210. echo '<option value='.$yr.'>'.$yr.'</option>';
  211. }
  212.  
  213. ?>
  214. </select>
  215. </div>
  216. </div>
  217. </div>
  218. </div>
  219.  
  220. <div class="form-group">
  221. <div class="rows">
  222. <div class="col-md-12" style="text-align: left">
  223.  
  224. <div class="col-lg-3">
  225. <div class="radio">
  226. <label><input checked id="optionsRadios1" name="gender" type=
  227. "radio" value="Female">Female</label>
  228. </div>
  229. </div>
  230. <div class="col-lg-3">
  231.  
  232. <div class="radio">
  233. <label><input id="optionsRadios2" name="gender" type="radio"
  234. value="Male"> Male</label>
  235. </div>
  236. </div>
  237. </div>
  238. </div>
  239. </div>
  240. <div class="form-inline">
  241. <div class="rows">
  242. <div class="col-md-12">
  243. <p> By clicking Sign Up, you agree to our Terms and that you have
  244. read our Data Use Policy, including our Cookie Use.</p>
  245. </div>
  246. </div>
  247. </div>
  248. <div class="form-group">
  249. <div class="rows">
  250. <div class="col-md-8">
  251. <div class="col-lg-12">
  252. <button class="btn btn-success btn-lg" type="submit" name="Submit">Sign Up</button>
  253. </div>
  254. </div>
  255. </div>
  256. </div>
  257.  
  258.  
  259. </div>
  260. </div>
  261. </fieldset>
  262. </form>
  263. </div>
  264. </div><!--rows-->
  265. </div><!--container-->
  266.  
  267. <hr>
  268.  
  269. <footer>
  270. <p style="text-align: center">© Philsocial 2013</p>
  271. </footer><!-- /container -->
  272. <!-- Bootstrap core JavaScript
  273. ================================================== -->
  274. <!-- Placed at the end of the document so the pages load faster -->
  275. <script src="assets/js/jquery.js"></script>
  276. <script src="js/bootstrap.min.js"></script>
  277.  
  278. </body>
  279. </html>

If you want to see more of my works, new Source Code or Application and Tutorials Just click here.


Comments

Parse error: syntax error, unexpected T_PAAMAYIM_NEKUDOTAYIM in C:\AppServ\www\Script\Test\index.php on line 53

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • You may insert videos with [video:URL]
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <th> <img> <h1> <h2> <h3> <iframe> [video]
  • You can enable syntax highlighting of source code with the following tags: <code>, <blockcode>, <asp>, <c>, <cpp>, <csharp>, <css>, <html4strict>, <java>, <javascript>, <mysql>, <php>, <python>, <sql>, <vb>, <vbnet>. The supported tag styles are: <foo>, [foo].
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.