BleepingComputer.com: Username Password

how do I create a username/password login system, like on this site when you have to sign up then login to your account inorder to post messages ext., I want to do the same thing for my clothing company website that I am creating but I am not very sure on how to do that, any suggestions?

From what you say, most likely you don't know any language? JSP/PHP/ASP and so on..

The easy way out is to search on the net for a free script that has what you want.

well I know a little bit, of what I have taught myself, but thanks I will look into it thanks

I actually just wrote a login system in php/mysql. They are both free to use/create/distrubute but you must make sure your host will support them. A big thing though, alot of peeople new to any web developement languages will make something and it will work fine, but don't have any security measures. So with w/e you end up using make sure you read up several articles about security, an example would be if you use mysql protecting against sql injections that could potentially whipe out your whole database!. Good luck, there are alot of websites dedicated to this sort of thing.

What you will need
A language
A database that can interface with the language
A host that supports your language and database
Free Time to expiriment and fix wrongs

I'm sure you might be able to get a login system pre built, but if your looking for some tutorials for mysql/php login system P.M. me and I can give you a few links.

Happy hunting.

Why not share the links here? So that everyone can benefit from it.

ok so I finally think I have everything situated here is what I have created in php format: login, register, verify, admin, profiles, and a file called conn. I used a help forum to setup these files. Ok know where do I go? I uploaded the login and register php's in my index, and register pages on my website and they appear just fine. Now do I add all those other files to my index and subpages? and how do I get these on the database system so people can actually register?? I use godaddy.com for my hosting and they have mysql servers and ext. Sorry if I sound knieve but everything I have done so far on my website and ext. is just by messing around and haven't had any proper help. again any help would be greatly appreciated :-)

I need to back you up a bit.... First of all, why do you need a database? Passwords and such can be saved in a flat file, and is much easier than trying to learn SQL on top of what you are already trying to do. What is the file 'conn' supposed to do?

First thing's first though. What is the first page your users will see? A login page? Can you access the login page on GoDaddy's server?

There are several logical steps to follow. First, make sure that the login page shows up first. Then make sure that when a person logs in that the information is being submitted to the server properly. Then you can worry about SQL stuff.

So I guess my question is, what do you have that works so far?

ok so far I have a login.php verify.php ext. the conn.php I don't know what it was for I got these files off another help forum. To breafly explain: My website is a clothing company that I am starting up I want the login to be for people who want to shop online, making it easier for me to track orders and ext. The login and registration.php, that I put on my index page show up fine, however they don't work yet because I don't know how to link them to the server, sorry if I sound knieve, I am very new at html css php ext. I am pretty much trying to teach all this stuff to myself.

Ok, at least I know where you stand. First off though, I am going to make a recommendation that will simplify your life a little. Google has a merchant's program where they provide an API for a shopping cart scenario. Users that want to purchase clothing from your web site use their google account, and Google handles all of the order tracking, order processing, and maybe most important, all of the security issues. E-Commerce websites are unique in that they need to appropriately handle sensitive personal and financial data, and as a novice user, you do not possess the skill set necessary to protect yourself or your customers. Google has a sandbox so that you can test your applications before making it go live.

Now with that out of the way, you need a php script on the server to get the form information. Here is an example of a form (http://www.w3schools.com/php/php_post.asp):

<form action="welcome.php" method="post">
Enter your name: <input type="text" name="name" />
Enter your age: <input type="text" name="age" />
<input type="submit" />
</form>

This uses a POST method to send data to a php page called Welcome.php. (I'll let you research the difference between using a POST and GET method).

On the server, your php script has to get the form data. PHP uses $_REQUEST["some_string_name"]; to get the form information. So for example:

Welcome <?php echo $_REQUEST["name"]; ?>.<br />
You are <?php echo $_REQUEST["age"]; ?> years old!

This code would be in the Welcome.php file. In your case, you would want to do something else with the strings, but this is a good test to see if you can pass the form data to the .php file. The Welcome.php file should be in the same directory as your login page.

ok thanks!, I am doing homework right now haha but I will take you advice and examples into effect, thanks again I will post if not today in a couple days with my final results :-)

Take a look at this free and easy PHP script:

http://hypersilence.net/silentum_loginsys.php

ok I am still having a little bit of trouble: I but a file on the database so the registered users and passwords appear and that works fine and I have this file:

<?
/
 * Constants.php
 /
 

define("DB_SERVER", "10.8.11.162");
define("DB_USER", "something");
define("DB_PASS", "mypassword");
define("DB_NAME", "something");


define("TBL_USERS", "users");
define("TBL_ACTIVE_USERS",  "active_users");
define("TBL_ACTIVE_GUESTS", "active_guests");
define("TBL_BANNED_USERS",  "banned_users");


define("ADMIN_NAME", "admin");
define("GUEST_NAME", "Guest");
define("ADMIN_LEVEL", 9);
define("USER_LEVEL",  1);
define("GUEST_LEVEL", 0);


define("TRACK_VISITORS", true);


define("USER_TIMEOUT", 10);
define("GUEST_TIMEOUT", 5);

define("COOKIE_EXPIRE", 60*60*24*100);  //100 days by default
define("COOKIE_PATH", "/");  //Avaible in whole domain


define("EMAIL_FROM_NAME", "YourName");
define("EMAIL_FROM_ADDR", "youremail@address.com");
define("EMAIL_WELCOME", false);


define("ALL_LOWERCASE", false);
?>

and I uploaded all the other neccessary files now I tried typing in http://www.mywebsitepageeee/register.php and I get this message: Client does not support authentication protocol requested by server; consider upgrading MySQL client

what am I doing wrong??

btw the website that I put mywebsitepageeee isn't really a website I didn't expect the text to be linked sorry :-)

Have you tried Googling the error message?

Yes I did and the answer was to

mysql> UPDATE mysql.user SET Password = OLD_PASSWORD('newpwd')
	-> WHERE Host = 'some_host' AND User = 'some_user';
mysql> FLUSH PRIVILEGES;

and I have to put that in my Command line Interface, the only issue is that godaddy.com doesn't allow shell access to the sever. So that option is out any other suggestions?