Advanced Search

[PHP] OOP Login/Register script (with no HTML form)

/ Published in: PHP
Save to your folder(s)

Expand | Embed | Plain Text

Copy this code and paste it in your HTML 
  1. <?php
  2. session_start();
  3. DEFINE("USED_LOCALLY", "1");
  4. include("functions.php");
  5.  
  6. interface post_data {
  7.  
  8. 	// Create interface that the main class will rely on
  9.  
  10. 	function login_get_data();
  11. 	function login_clean_data();
  12. 	function login_check_data();
  13.  
  14. 	function register_get_clean_data();
  15. 	function register_add_data();
  16.  
  17. 	function logout();
  18. 	}
  19.  
  20. abstract class sql_server {
  21.  
  22. 	// Class that handles the SQL connection
  23.  
  24. 	public $cnx;
  25. 	public function __construct() {
  26. 		$this -> cnx = mysql_connect("localhost", "root", "password");
  27. 		mysql_select_db("login", $this -> cnx);
  28. 		}
  29. 	}
  30.  
  31. class post_data_class extends sql_server implements post_data {
  32. 	// Creating the main variables and setting them to private for security
  33.  
  34. 	private $login_vars = array("Username" => NULL,
  35. 			           "Password" => NULL);
  36. 	private $register_vars = array("Full Name" => NULL,
  37. 					"Country" => NULL,
  38. 					"Phone Number" => NULL,
  39. 					"Address" => NULL,
  40. 					"Email" => NULL,
  41. 					"User_Name" => NULL,
  42. 					"Pass_Word" => NULL);
  43.  
  44. 	// Getting the POST data automatically and setting them to the private variables.
  45.  
  46. 	public function __construct() {
  47. 		parent::__construct();
  48.  
  49. 		if(isset($_POST["login_submit"])) { 
  50.  
  51. 			// Stating the process by collecting data
  52.  
  53. 			$this -> login_get_data();
  54. 		}
  55.  
  56. 		else {
  57.  
  58. 		// Logging off if no form has been submitted and there's a GET in the URL
  59.  
  60. 			if(isset($_GET["logout"])) {
  61.  
  62. 				// Logging out 
  63.  
  64. 				$this -> logout();
  65.  
  66. 			}
  67.  
  68. 		}
  69.  
  70. 		if(isset($_POST["register_submit"])) {
  71.  
  72. 			// Working on the register script if the register form was submitted
  73.  
  74. 			$this -> register_get_clean_data();
  75. 		}
  76.  
  77. 		else {
  78. 			redirect("index.php");
  79. 			die();
  80. 		}
  81. 	}
  82.  
  83. 	public function login_get_data() {
  84.  
  85. 		// Giving error if any of the fields are empty
  86.  
  87. 		if(empty($_POST["username"]) || empty($_POST["password"])) {
  88. 			$_SESSION["login"]["error"] = "Make sure none of the fields are empty";
  89. 			redirect("index.php");
  90. 			die();
  91. 		}
  92.  
  93. 		// Else, processing
  94.  
  95. 		else {
  96. 			$this -> login_vars["Username"] = $_POST["username"];
  97. 			$this -> login_vars["Password"] = $_POST["password"]; 
  98.  
  99. 			$this -> login_clean_data();
  100. 		}
  101. 	}
  102.  
  103. 	public function register_get_clean_data() {
  104.  
  105. 		// Giving error in case any of the fields are empty
  106.  
  107. 		if(empty($_POST["full_name"]) || empty($_POST["phone_number"]) || empty($_POST["email"]) || empty($_POST["address"]) || empty($_POST["user_name"]) || empty($_POST["pass_word"]) || empty($_POST["pass_word_verification"])) {
  108. 			$_SESSION["register"]["error"] = "Make sure none of the fields are empty.";
  109. 			redirect("index.php");
  110. 			die();
  111. 		}
  112.  
  113. 		// Verifying information
  114.  
  115. 		// Full Name
  116.  
  117. 		if(!preg_match("/(.*)\\s(.*)/", $_POST["full_name"]) || strlen($_POST["full_name"]) < 5) {
  118. 			$_SESSION["register"]["error"] = "Make sure your full name is a valid one.";
  119. 		}
  120.  
  121. 		// Phone Number 
  122.  
  123. 		if(!is_numeric($_POST["phone_number"]) || strlen($_POST["phone_number"]) < 5) {
  124. 			$_SESSION["register"]["error"] .= "<br />" . "Make sure your phone number is a valid one.";
  125. 		}
  126.  
  127. 		// Email
  128.  
  129. 		if(!is_valid_email($_POST["email"])) {
  130. 			$_SESSION["register"]["error"] .= "<br />" . "Make sure your e-mail is a valid one.";
  131. 		}
  132.  
  133. 		else {
  134. 			$clean_email = sanitize($_POST["email"]);
  135. 			$clean_email_check = mysql_query("SELECT * FROM Users WHERE 'Email' = '" . $clean_email . "'");
  136. 			if(mysql_num_rows($clean_email_check) > 0) {
  137. 				$_SESSION["register"]["error"] .= "<br />" . "Your email is already taken.";
  138. 			}
  139. 		}
  140.  
  141. 		// Address
  142.  
  143. 		if(!preg_match("/(.*)\\s(.*)/", $_POST["address"]) || strlen($_POST["address"]) < 10) {
  144. 			$_SESSION["register"]["error"] .= "<br />" . "Make sure your address is a valid one.";
  145. 		}
  146.  
  147. 		// Username
  148.  
  149. 		if(strlen($_POST["user_name"]) > 15) {
  150. 			$_SESSION["register"]["error"] .= "<br />" . "Your username is too long.";
  151. 		}
  152.  
  153. 		else {
  154.  
  155. 			$clean_user_name = sanitize($_POST["user_name"]);
  156.  
  157. 			$user_name_check = mysql_query("SELECT * FROM Users WHERE 'Username' = '" . $clean_user_name . "'");
  158.  
  159. 			if(mysql_num_rows($user_name_check) > 0) {
  160. 				$_SESSION["register"]["error"] .= "<br />" . "Your username is already taken.";
  161. 			}
  162. 		}
  163. 		// Password
  164.  
  165. 		if($_POST["pass_word"] !== $_POST["pass_word_verification"]) {
  166. 			$_SESSION["register"]["error"] .= "<br />" . "Make sure your passwords match.";
  167. 		}
  168.  
  169. 		if(isset($_SESSION["register"]["error"])) {
  170.  
  171. 			redirect("index.php");
  172. 			die();
  173. 		}
  174.  
  175.  
  176.  		// Sanitizing the results
  177.  
  178. 		$temporary_register_array = array("Full Name" => $_POST["full_name"],
  179. 						"Country" => $_POST["country"],
  180. 						"Email" => $_POST["email"],
  181. 						"Address" => $_POST["address"],
  182.                                                 "Phone Number" => $_POST["phone_number"],
  183. 						"User_Name" => $_POST["user_name"],
  184. 						"Pass_Word" => hash('sha512', $_POST["pass_word"]));
  185.  
  186. 		$clean_register_results = array_map("sanitize", $temporary_register_array);
  187.  
  188. 		$this -> register_vars = $clean_register_results;
  189.  
  190. 		$this -> register_add_data();
  191.  
  192. 	}
  193.  
  194.  
  195. 	public function login_clean_data() {
  196.  
  197. 	// Function that sanitizes the POST data
  198.  
  199. 		$clean_results = array_map("sanitize", $this -> login_vars);
  200.  
  201. 		$this -> login_vars["Username"] = $clean_results["Username"];
  202. 		$this -> login_vars["Password"] = hash('sha512', $clean_results["Password"]);
  203.  
  204.  
  205. 		// Processing the last step which is checking to see if what is provided is correct
  206.  
  207. 		$this -> login_check_data();
  208. 	}
  209.  
  210. 	public function login_check_data() {
  211.  
  212. 		// Checking the database for the given information
  213.  
  214. 		$query = "SELECT * FROM Users
  215. 			WHERE `Username` = '" . $this -> login_vars["Username"] . "' && `Password` = '" . $this -> login_vars["Password"] . "'";
  216. 		$query = mysql_query($query);
  217.  
  218. 		if(mysql_num_rows($query) > 0) {
  219.  
  220. 			// If information is valid
  221.  
  222. 			$_SESSION["id"] = 1;
  223. 			$_SESSION["username"] = $this -> login_vars["Username"];
  224. 			$_SESSION["password"] = $this -> login_vars["Password"];
  225.  
  226. 			redirect("index.php");
  227. 			die();
  228. 		}
  229.  
  230. 		else {
  231. 			$_SESSION["login"]["error"] = "Username/Password combination is invalid.";
  232. 			redirect("index.php");
  233. 			die();
  234. 		}
  235. 	}
  236.  
  237. 	public function register_add_data() {
  238.  
  239. 		// Adding the values to the database
  240.  
  241. 		mysql_query("INSERT INTO Users
  242. 				(`Username`, `Password`, `Full Name`, `Phone Number`, `Address`, `Country`, `Email`)
  243. 				VALUES ('" . $this -> register_vars["User_Name"] . "', '" . $this -> register_vars["Pass_Word"] . "', '" . $this -> register_vars["Full Name"] . "', '00" . $this -> register_vars["Phone Number"] . "', '" . $this -> register_vars["Address"] . "', '" . $this -> register_vars["Country"] . "', '" . $this -> register_vars["Email"] . "')");
  244.         redirect("index.php");
  245. 	}
  246.  
  247.  
  248.  
  249.  
  250.  
  251.  
  252. 	public function logout() {
  253.  
  254. 		// Exiting if user is not logged in
  255.  
  256. 		if(!is_logged_in()) {
  257. 			die("You are not logged in.");
  258. 		}
  259.  
  260. 		else {
  261. 			$_SESSION = array();
  262. 			session_destroy();
  263. 			redirect("index.php");
  264. 			die();
  265. 		}
  266. 	}
  267.  
  268. }
  269.  
  270. 	$start = new post_data_class();
  271. ?>

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.