how to set a login page

[RaRa3]

hello so i created a registration page in html and a php code to connect to a database and enter the information to the database that all works. Now i want to ask if the user wants to log in would they need a separate php code to have a sort of certification that the account is valid? i made a html page for login but i need it to look back to the database to see if the user is registered so they can log in, not just anyone can log in...any ideas? or advice where i can find information about this? i see a lot of tutorials for making a log in page, making a registration page but how about when someone registers and wants to log in but to make sure the database can also check to see if the user is registered.

[Burton]

You could start out with an if statement to see if the user exists on a separate page then another if to check for the user... then something like this

$validate = new Validate();	$validation = $validate->check($_POST, array(		'username' => array(			'required' => true,			'min' => 0, /* Whatever you have as the mininum for a username */			'max' => 0, /* Whatever you have as the max */			'unique' => 'users'		),

& so on with password and whatever else.... It'd be similar to this so watch tutorials on if statements and arrays if you're not already good with them

 

 

EDIT: Sorry I thought you was talking about a register page, the login page would be similar without the DB info you made with min and max letters/numbers

Edited April 19, 2015 by Burton

[davej]

The way you word this question seems very confusing to me. Registration commonly means that the user has provided some information and an e-mail address. Your website verifies the e-mail address by sending a random number to that e-mail which the user must then provide to become "verified." Once the user has proven that they received the random number the account is considered "validated." Once validated the user is allowed certain privileges.

 

Obviously the random number would need to be stored in the database for a period of time -- but you might have a time limit after which it is deleted or rendered invalid.

 

Each user in the database is going to have a status field (probably an integer). The status value will indicate their current privilege level and the lowest level will indicate that they have not yet validated their e-mail.

 

When a user logs in you would set up their session variables and one of those session variables would be the privilege level of the user. For example unvalidated users may be allowed to log in and read their personal messages but not allowed to post public messages.

[RaRa3]

thanks for your comments well its actual for a project im working on its not offical im running it on a local host it just has to prove that the user exists and can log in after he or she registers

Edited April 19, 2015 by RaRa3