Tutorial: PHP/mySQL Membership System

Hi, today I am going to show you how to make a simple membership system. This included, registering for an account, logging in, security for pages, and logging out.

Now shall we begin? I say yes!

Our database will be setup like the following:

1
2
3
4
5
6
7

CREATE TABLE IF NOT EXISTS `users` (
  `user_id` int(11) NOT NULL auto_increment,
  `username` varchar(225) NOT NULL default '',
  `password` varchar(225) NOT NULL default '',
  `email` varchar(225) NOT NULL default '',
  PRIMARY KEY  (`user_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

Breakdown:
user_id is the default value that keeps track of users.
username is the users log in name.
password is the users log in password.
email is the users email, so in later versions of the member system, a forgot password can be added.

Our 1st bit of code will be a file named conf.inc.php. This file holds all of our mysql and function data, so we don’t have to enter it over and over .

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

< ?php
$db_user = ""; // Username
$db_pass = ""; // Password
$db_database = ""; // Database Name
$db_host = ""; // Server Hostname
$db_connect = mysql_connect ($db_host, $db_user, $db_pass); // Connects to the database.
$db_select = mysql_select_db ($db_database); // Selects the database.
 
function form($data) { // Prevents SQL Injection
   global $db_connect;
   $data = ereg_replace("[\'\")(;|`,<>]", "", $data);
   $data = mysql_real_escape_string(trim($data), $db_connect);
   return stripslashes($data);
}
?>

Breakdown:
The 1st part is all the mySQL information in order to view and insert data.
The 2nd part prevents SQL injection, so people cant gain unauthorized access.
(more…)