-3

first sorry for my bad english, i live in Germany.

I want create a User Control Panel. First, i have created the Login Page with HTML and CSS.

<?php
 require_once("./config/config.php");
 session_start();   
?>

<!DOCTYPE html>
<html lang="de">
    <head>
        <!-- | Titel | -->
        <title>Virtual Reallife - Control Panel</title>
        
        <!-- | Meta Tag | --->
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        
        <!-- | Styles | -->
        <link rel="stylesheet" href="style/css/bootstrap.min.css"/>
        <link rel="stylesheet" href="style/css/login.css">
 <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css">     
 </head>

 <body>
 <div id="logo"></div>
        <div class="top-content">
            <div class="inner-bg">
                <div class="container">
                    <div class="row">
                        <div class="col-sm-6 col-sm-offset-3 form-box">
                            <div class="form-top">
                             <div class="form-top-left"><p><b>Bitte melde dich mit deinen In-Game Daten an</b></p>
                         </div>
                        </div>
                        <div class="form-bottom">
                   <form role="form" action="" method="post" class="login-form">
                       <div class="form-group">
                           <label class="sr-only" for="form-username">Username</label>
                           <input type="text" name="form-username" placeholder="Name.." class="form-username form-control" id="form-username">
                       </div>
                       <div class="form-group">
                           <label class="sr-only" for="form-password">Password</label>
                           <input type="password" name="form-password" placeholder="Passwort.." class="form-password form-control" id="form-password">
                       </div>
                       <button type="button" name="anmelden" class="btn btn-success">Anmelden</button>
                   </form>
                  </div>
                    </div>
                </div>
            </div>
        </div>
   </div>
   <script scr="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
   <script scr="style/js/bootstrap.min.js"></script>
   </body>
</html>

Now my Problem is, how to login with my In-Game Account in the User Control Panel? I know, that i must create a function for the Login Button and for the 2 Fields (Name, Password)

limsha
  • 128
  • 6
Juan_Alva
  • 1
  • 1
    "*..I know, that i must create a function for the Login Button and for the 2 Fields (Name, Password)..*" Then, What Is The Problem? You Know. Go Ahead. Face The Challenges. And, If Issues Come, Feel Free To Ask In SO. – Nana Partykar Jul 31 '17 at 10:40
  • Php login form tutorial https://www.formget.com/login-form-in-php/ – Saravana Jul 31 '17 at 10:56
  • @saravana Please don't link to that tutorial. It is dangerous to use as an example due to the inadequate database security, and outdated mysql-functions. Since most users copy paste the code, it's always good to post examples using best practises from the start. See here about prepared statements: [link](https://stackoverflow.com/questions/2353666/php-is-mysql-real-escape-string-sufficient-for-cleaning-user-input) – Canis Jul 31 '17 at 11:16

1 Answers1

0

Since you mark this as a PHP question, I will assume you want to know how to handle users signups and logins on a server running PHP.

You need to set up a server with a webserver like Apache, NginX or MS IIS, a database like MySQL, PostgreSQL or MS SQL Server Express, and of course PHP.

Using the HTML you posted, the easiest way to get that to PHP is to simply POST it, i.e. use the submit button to send the form data. In your form-tag set the method to POST and actionto your PHP-scripts URL. Remember to always send user data such as credentials over SSL (using https://)

In the PHP-script you access the form-data using the $_POST array, for example:

$username = $_POST["form-username"];

Using the PDO (PHP Data Object) driver for your chosen database, set up a prepared statement matching against the username provided and, hashing the provided password in the same way as when the password was securely stored in the database, see if the password hashes matches. If it matches, then the user provided the correct password for that username.

Store the info you need to remember about the user, like display name, username etc. in session variables, so your script can detect that the user is logged in.

For the process of storing the users during sign up, you do basically the same, except that you insert the users into the database, rather than selecting them from it.

I know this is a high level breakdown of the process, but given the sheer number of existing tutorials on doing each part of this, for example here on the site under Documentation, I will leave it up to you to google each part, but at least now you know which parts to google for. Remember to validate input, always use prepared statements, and even validate data from your database before writing it to a web-page. The validation helps protect your site against XSS and SQL Injections, which are well knows ways to attack either your site, or your sites users.

Canis
  • 4,130
  • 1
  • 23
  • 27