Php Website Help

[King Aldrin]

Helli Guys!

I want to create a website that has login and register and.for every user...they have coins (just facebook but its not what I want I just want the login with credits feature...)

I think I would use Php because I want it to access from my mysql database. But I dont know how to start...

Deep explanation example:
Example, I'm selling or giving stuffs for free so members who are registered has an ability to add credits in able to get or purchased those stuff. They can get credits by: (1)activating theyre email as they register or by following steps etc. (2)they will purchase or donate


So anyone please help me...either give me resource link or help me what to search to google

I'm doing this for nothing but learning. Im start learning php and I know the basics. I thinked for a huge project and by doing this, im learning by doing (this is what I do while learning c++ and c#)

All answers would be appreciated!

[atom0s]

Google for php login systems / session management. It'll help you find good resources on building a login system.
Also be sure to research MySQL injection, you will want to ensure all your user-input variables are secure and non-injectable.

If you have a Windows host, you can always code your site in ASP.NET as well since you are already familiar with C#/VB.NET from what you said and your signature. You can still use a MySQL database with it as well.

[King Aldrin]

Google for php login systems / session management. It'll help you find good resources on building a login system.
Also be sure to research MySQL injection, you will want to ensure all your user-input variables are secure and non-injectable.

If you have a Windows host, you can always code your site in ASP.NET as well since you are already familiar with C#/VB.NET from what you said and your signature. You can still use a MySQL database with it as well.

Thanks for this! I tried googling php login and I found lots of useful staffs! I learned from it but I want it comes with credits just for another example, When I login, my username will shown and the credits in the index page (e.g Welcome back, King Aldrin! Your current Credits is: 400).

I know how to prevent mysql injcetion by using Mysql Real Escape! I used it everytime

[atom0s]

Look into using session information on the server side. It'll be able to do all of this for you.
Just be careful with how you handle the sessions / cookies because you can do session and cookie injection too if you do not do things securely.

[Dreadedfear]

Thanks for this! I tried googling php login and I found lots of useful staffs! I learned from it but I want it comes with credits just for another example, When I login, my username will shown and the credits in the index page (e.g Welcome back, King Aldrin! Your current Credits is: 400).

I know how to prevent mysql injcetion by using Mysql Real Escape! I used it everytime

If you are using a MySQL Database, add a `credits` column, and when the person logs in, all you need to do is use the session username to construct your query to find their credit amount. For example "$credits = mysql_query("SELECT `credits` FROM `accounts` WHERE `Username` = '" . $_SESSION['Username'] . "'")"

If you don't understand the above, I'd suggest working on an easier project before getting into a bigger, more difficult project.

[King Aldrin]

If you are using a MySQL Database, add a `credits` column, and when the person logs in, all you need to do is use the session username to construct your query to find their credit amount. For example "$credits = mysql_query("SELECT `credits` FROM `accounts` WHERE `Username` = '" . $_SESSION['Username'] . "'")"

If you don't understand the above, I'd suggest working on an easier project before getting into a bigger, more difficult project.

I did ! I understand what it does...also I tried accesing cookies for a reason. I am having a trouble when I login, I dont know how to echo it in my index.php (basically I have 3 php, login, register and index) so if the user login success, it will then redirect to index and echo out username and credits...and I created a button that can lessen the credits I used if statement and compared the current credits and then update the table with the value that have lessen. Im think im doing it right im about half of my project and I cant figure out how to do these:

Echo the username and credits from register.php to index.php

Logout (I have tried killing all the session and cookies, but when I tried login another account with different credit value it doesnt change only the username have changed)

Any help?

[Dreadedfear]

I did ! I understand what it does...also I tried accesing cookies for a reason. I am having a trouble when I login, I dont know how to echo it in my index.php (basically I have 3 php, login, register and index) so if the user login success, it will then redirect to index and echo out username and credits...and I created a button that can lessen the credits I used if statement and compared the current credits and then update the table with the value that have lessen. Im think im doing it right im about half of my project and I cant figure out how to do these:

Echo the username and credits from register.php to index.php

Logout (I have tried killing all the session and cookies, but when I tried login another account with different credit value it doesnt change only the username have changed)

Any help?

To display the data from the query, the code would be;

Code:

$result = mysql_fetch_array($credits); // Gets the credit amount from the database, and places it in an array which is placed into 'result' variable.
$my_credits = $result['credits']; // $result['COLUMN NAME'] to get the raw information from the array, variable 'my_credits' is just to simplify the result.
echo "Welcome back, " . $_SESSION['Username'] . "! Your current credits are " . $my_credits; // Result: "Welcome back, King Aldrin! Your current credits are 400"

[atom0s]

Using session variables straight from the PHP $_SESSION object can lead to injections and unwanted access on your site. You are better off storing session information in a database and only giving users a session token in a cookie. Have the session information in the database store who owns the session and so on server sided so users do not have access to edit the session vars locally.

Sending them a cookie with a user id, user name, etc. is just asking to get hacked.

[King Aldrin]

To display the data from the query, the code would be;

Code:

$result = mysql_fetch_array($credits); // Gets the credit amount from the database, and places it in an array which is placed into 'result' variable.
$my_credits = $result['credits']; // $result['COLUMN NAME'] to get the raw information from the array, variable 'my_credits' is just to simplify the result.
echo "Welcome back, " . $_SESSION['Username'] . "! Your current credits are " . $my_credits; // Result: "Welcome back, King Aldrin! Your current credits are 400"

Actually,... This is what I already have in my code (not same but the function is same) my question's are:

How'd I echo it in the Index.php because these code will be put in login.php and I want them to redirect to index.php Thank You for Helping me! I appreciate it!

[Dreadedfear]

Actually,... This is what I already have in my code (not same but the function is same) my question's are:

How'd I echo it in the Index.php because these code will be put in login.php and I want them to redirect to index.php Thank You for Helping me! I appreciate it!

The code for the login page would include a <form> within that form is an attribute called 'action' all you need to do is set the action to index.php and your information will get sent there. Example:

Code:

<!-- Login.php -->
<form action='index.php' method='POST'>
<input type='text' name='username' />
<input type='password' name='password' />
</form>

When you set the session, you use the POST data from the form. i.e; $_SESSION['username'] = $_POST['username'];