Simple example of registration/login and sessions.

  • 19-08-2012 5:42pm
    #1
    Registered Users Posts: 3,515 ✭✭✭


    Hey, I was just playing around in Notepad++ and decided to see how long it would take me to make a simple basic login/registration system with sessions.
    So if anyone is interested here are the files:
    By the way, I am just 100% sure it's not the pro way, but I am not a pro anyways, I am just a guy who's in college and we do web dev but don't do PHP so I went ahead and started learning it on my own, so if you are learning on your own, you might be interested in this. Also would be great for feedback and suggestions of what to improve in this code for my and others' future reference.
    It's just 7 files but technically all this could be done in 1 long file.
    I didn't bother styling it up fancy and so on, just made it rough.

    index.php - main homepage.
    process.php - all processing and actions.
    css/main.css - obvious crappy style.
    includes/sql.php - sql connection (I removed my details)
    includes/menu.php - menu bar
    includes/sessions.php - sessions file.
    includes/functions.php - contains some functions.

    Hopefully someone will find it useful.

    Index.php: http://pastebin.com/hYhAqkzU
    Process.php: http://pastebin.com/JwSm9J1s
    Sessions.php: http://pastebin.com/xZswaa3F
    Menu.php: http://pastebin.com/cWR2N07h
    Functions.php: http://pastebin.com/QcAQgwAW
    sql.php: http://pastebin.com/BZF7s2FC


    Live example:

    www.arleitiss.com/example/index.php


Comments

  • Closed Accounts Posts: 22,479 ✭✭✭✭philologos


    I think as a start this is really good. Where you could go further with PHP is in making use of object orientation, both in respect to entities and in respect to the database itself. PHP has come a long way in terms of object orientation since version 4.

    For example, you could have one class to handle the database. You could have user objects returned when you want to select users rather than a result set. You could have thread objects returned when you want to see the number of threads in a forum and so on. You could have an authentication class to ensure that the user is a valid one.

    What a lot of people do with databases is to use some abstraction, whether that is an interface (entirely abstract) or an abstract class (partially abstract, partially must be implemented). For example, IDataProvider with common functions / methods, and MYSQLDataProvider which implements IDataProvider. This means at any point in the future, you can implement a class which implements IDataProvider and replace the other without changing functionality. Or you could make it so you can pick between different sources like MySQL, Oracle, SQL Server, SOAP webservice and so on.

    I think getting a good grip on object oriented principles will help you out both in PHP and in other languages which are more strictly object oriented. You'll find that you write code quicker, and that you can reuse more of it when you take an Object Oriented approach rather than flat out scripting.


  • Registered Users Posts: 3,515 ✭✭✭arleitiss


    yeah I am trying to learn about object orientation now, as it seems more efficient


  • Registered Users Posts: 241 ✭✭fcrossen


    Like philologos says - you're off to an excellent start. When you start using libraries, PHP frameworks for example, or WordPress, you don't want to be using them like black boxes. These kinds of exercises are very useful for developing your understanding of basic processes.

    Just a couple of pointers:

    If you store the user id in $_SESSION you can avoid the SQL call. SQL calls are computationally expensive, so avoid them whenever you can.

    [PHP]if(!function_exists('crypter')){[/PHP] - Better to ensure the file is only included once rather than use something like this... Errors like 'function already defined' can indicate a weakness in your design pattern, and are better fixed by reorganising your code than using function_exists().

    [PHP]$crypted = sha1(md5(sha1(sha1(md5(md5(md5(sha1(sha1(md5(crypt('$pass', 'la')))))))))));[/PHP] - This is redundant. Use one hashing function with salt. See http://php.net/manual/en/function.crypt.php - example 1.

    Nice to see you getting stuck in - it brings me back a while! Have a look at design patterns too - MVC is very common. You could try implementing a basic MVC pattern using objects.


  • Registered Users Posts: 26,571 ✭✭✭✭Creamy Goodness


    arleitiss wrote:
    yeah I am trying to learn about object orientation now, as it seems more efficient

    Depends what you mean by efficient.

    OO code isn't by any means more efficient computationally per se, but it's more efficient in the way you can re-use classes and objects in 1, 2 or 100 different projects.

    This is a good start. I would, as fcrossen says, use one hashing function with a user-unique salt.

    If you haven't heard of the Coding Horror blog I suggest you follow it, it's a gem, and specifically read this post - http://www.codinghorror.com/blog/2010/12/the-dirty-truth-about-web-passwords.html

    Best of luck.
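
Added example, not code from the thread or from any of the posters: the advice in the two replies above to use one hashing function with a per-user salt, shown with PHP's password_hash() (a wrapper around crypt() that generates the salt itself) in place of the nested md5/sha1 chain. It goes one step beyond the thread by upgrading old chain hashes at login; the $users array, the function names and the sample accounts are constructed for illustration.

```php
<?php
// Added example; $users is a constructed in-memory stand-in for the users table.

// The chain quoted in the thread, assuming the variable $pass was intended.
// Fixed salt 'la' plus fast digests: equal passwords always give equal hashes.
function legacy_hash(string $pass): string {
    return sha1(md5(sha1(sha1(md5(md5(md5(sha1(sha1(md5(crypt($pass, 'la')))))))))));
}

// One slow hash with a random per-user salt; algorithm, cost and salt are
// all stored inside the returned string, so no separate salt column is needed.
function register(array &$users, string $name, string $pass): void {
    $users[$name] = [
        'id'   => count($users) + 1,
        'hash' => password_hash($pass, PASSWORD_DEFAULT),
    ];
}

// Returns the user id on success, null on failure. A row still holding a
// legacy chain hash is accepted once and rewritten with a salted hash.
function login(array &$users, string $name, string $pass): ?int {
    if (!isset($users[$name])) {
        return null;
    }
    $stored = $users[$name]['hash'];
    $isLegacy = preg_match('/^[0-9a-f]{40}$/', $stored) === 1;
    $ok = $isLegacy
        ? hash_equals($stored, legacy_hash($pass))
        : password_verify($pass, $stored);
    if (!$ok) {
        return null;
    }
    if ($isLegacy || password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $users[$name]['hash'] = password_hash($pass, PASSWORD_DEFAULT);
    }
    // In a web request: session_regenerate_id(true), then keep the id in $_SESSION.
    return $users[$name]['id'];
}

$users = [];
register($users, 'alice', 'correct horse');   // constructed sample accounts
register($users, 'bob', 'correct horse');
$users['carol'] = ['id' => 3, 'hash' => legacy_hash('hunter2')]; // pre-migration row

var_dump($users['alice']['hash'] === $users['bob']['hash']); // same password, salts differ
var_dump(login($users, 'carol', 'hunter2'));                 // legacy login, row upgraded
var_dump(password_verify('hunter2', $users['carol']['hash']));
var_dump(login($users, 'alice', 'wrong password'));
```

The PHP manual recommends a 255-character column for hashes produced with PASSWORD_DEFAULT, since the output length can grow when the default algorithm changes.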

