/    Sign up×
Community /Pin to ProfileBookmark

Members Zone

Copy linkTweet thisAlerts:
Jun 18.2011

Sorry to be posting so many questions but I find this a great forum for information, and I have done a quick search first before posting.

I have my website, but I want a members area for paid members which will then have a few extra links in my nav which are not seen by the public.
So a user would get on my site, click members area, either sign in if they have already paid and reg’d or go through a payment process then register their own log in details.

What do I need to have/do in order for this to do what I want, I am totally new to this members stuff (As I said in a previous topic, this is my biggest project to date) so I would need a step by step dummies guide please.

Cheers ?

Adey

to post a comment
PHP

2 Comments(s)

Copy linkTweet thisAlerts:
@NvenomJun 19.2011 — well i cant really give you a step by step guide as im short on time but i can give you a general direction.

the way i would do it is have a seperate table for members although you can also just assign a 0, 1 and check that but sticking with the whole seperate table we will do it like this.

you will need a table called members in your DB with the coulmns

username -TEXT- and pass -TEXT-

memberlogin.php
[code=php]
 // First we connect to the database

mysql_connect("127.0.0.1", "root", "pass") or die(mysql_error());

mysql_select_db("database") or die(mysql_error());

//than we check if there is a login cookie

if(isset($_COOKIE['ID_my_site']))


//if there is, it logs you in and directes you to the members page

{
$username = $_COOKIE['my_site_member_Login'];

$pass = $_COOKIE['my_site_member_Pass'];


$check = mysql_query("SELECT * FROM members WHERE username = '$username'")or die(mysql_error());

while($info = mysql_fetch_array( $check ))

{

if ($pass != $info['password'])

{

}

else

{

header("Location: memberonly.php");



}

}

}


//if the login form is submitted

if (isset($_POST['submit'])) { // if form has been submitted



// makes sure they filled it in

if(!$_POST['username'] | !$_POST['pass']) {

die('You did not fill in a required field.');

}

// checks it against the database



if (!get_magic_quotes_gpc()) {

$_POST['email'] = addslashes($_POST['email']);


}

$check = mysql_query("SELECT * FROM members WHERE username = '".$_POST['username']."'")or die(mysql_error());




//Gives error if user dosen't exist

$check2 = mysql_num_rows($check);

if ($check2 == 0) {

die('That user does not exist in our database. <a href=register page if you want it.php>Click Here to Register</a>');

}

while($info = mysql_fetch_array( $check ))

{

$_POST['pass'] = stripslashes($_POST['pass']);

$info['password'] = stripslashes($info['password']);

$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong

if ($_POST['pass'] != $info['password']) {

die('Incorrect password, please try again.');

}
else

{


// if login is ok then we add a cookie

$_POST['username'] = stripslashes($_POST['username']);

$hour = time() + 50400; //14 hours it expires

setcookie(my_site_member_Login, $_POST['username'], $hour);

setcookie(my_site_member_Pass, $_POST['pass'], $hour);

//then redirect them to the members area

header("Location: memberonly.php");
}

}

}

else

{



// if they are not logged in
//We display the login page
?>
[/code]

[code=html]
<body>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">

<tr><td align="Center">Username:</td><td></br>

<input type="text" name="username">

</td></tr> </br>

<tr><td align="Center">Password:</td><td></br>

<input type="password" name="pass">

</td></tr></br>

<tr><td colspan="2" align="Center"> </br>

<input type="submit" name="submit" value="Login">

</td></tr>
</form>
</body>
[/code]

Than on your memberonly page we simply add this at the top or include it in external .php file so you can easly add it to all your member pages

memberonly.php
[code=php]
<?php

// Connects to your Database

mysql_connect("127.0.0.1", "root", "pass") or die(mysql_error());

mysql_select_db("data") or die(mysql_error());

//checks cookies to make sure they are logged in

if(isset($_COOKIE['ID_my_site']))

{

$username = $_COOKIE['my_site_member_Login'];

$pass = $_COOKIE['my_site_member_Pass'];

$check = mysql_query("SELECT * FROM members WHERE username = '$username'")or die(mysql_error());

while($info = mysql_fetch_array( $check ))

{



//if the cookie has the wrong password, they are taken to the login page

if ($pass != $info['password'])

{ header("Location: memberlogin.php");

}



//otherwise they are shown the admin area (this just allows them to stay on the same page)

else

{


}

}

}

else



//if the cookie does not exist, they are taken to the login screen

{

header("Location: memberlogin.php");

}

?>

[/code]

and than of course you finish of memberonly.php with what ever page content you want
Copy linkTweet thisAlerts:
@NogDogJun 19.2011 — I'd recommend using PHP sessions rather than cookies, as cookies can easily be forged by a hacker.
×

Success!

Help @djadejones spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.18,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...