[Tutorial] Creating a registration, login, activation (c#, php, sql)

Timmeh Dec 30, 2013

  1. Timmeh

    Timmeh Trve Kvlt
    85/94

    Joined:
    Jan 18, 2013
    Messages:
    468
    Likes Received:
    155
    Trophy Points:
    25
    Gender:
    Male
    Occupation:
    Drummer
    Location:
    Michigan
    Console:
    Xbox
    Here's a cool little tutorial I found for you guys :D

    .​
    You can use "system.threading" to ease off the lag when sending a webrequest or Backgroundworker (its the same thing as system.threading)​
    Save this as "table.sql" and import it into the sql database​
    -- phpMyAdmin SQL Dump
    -- version 2.11.4
    -- http://www.phpmyadmin.net
    --
    -- Host: localhost
    -- Generation Time: Jul 31, 2013 at 08:14 PM
    -- Server version: 5.1.57
    -- PHP Version: 5.2.17

    SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";

    --
    -- Database: `Mr Smithy x`
    --

    -- --------------------------------------------------------

    --
    -- Table structure for table `accounts`
    --

    CREATE TABLE `accounts` (
    `user_id` int(11) NOT NULL AUTO_INCREMENT,
    `user_name` longtext COLLATE latin1_general_ci NOT NULL,
    `user_pass` longtext COLLATE latin1_general_ci NOT NULL,
    `user_ip` mediumtext COLLATE latin1_general_ci NOT NULL,
    `user_email` longtext COLLATE latin1_general_ci NOT NULL,
    `user_activated` mediumtext COLLATE latin1_general_ci NOT NULL,
    `user_active_link` longtext COLLATE latin1_general_ci NOT NULL,
    PRIMARY KEY (`user_id`)
    ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=10 ;

    --
    -- Dumping data for table `accounts`
    --

    Save this as register.php

    Code:
    <?php
    //DB
    $mysql_host = "000webhost";
    $mysql_database = "000webhost";
    $mysql_user = "000webhost";
    $mysql_password = "000webhost";
    $account_table = "accounts";
    //Link Info
    $user_ip = $_SERVER['REMOTE_ADDR'];
    $user_name = $_GET['u'];
    $user_pass = $_GET['p'];
    $user_email = $_GET['e'];
    $user_activated = "not active";
    $activation_link = $_GET['tmp'];
    //Connecting
    $con = mysql_connect($mysql_host, $mysql_user, $mysql_password);
    if(!con){
        die('could not connect: '. mysql_error());
    }
    //Selecting and Queries to send to db
    $db_selected = mysql_select_db("$mysql_database") or die('could not connect: '. mysql_error());
    $sql = "INSERT INTO `$mysql_database`.`$account_table` (`user_id`,`user_name`,`user_pass`,`user_ip`,`user_email`,`user_activated`,`user_active_link`) VALUES('','$user_name','$user_pass','$user_ip','$user_email','$user_activated','$activation_link');";
    $active = "SELECT * FROM $account_table WHERE user_ip='$user_ip';";
    $value = mysql_query($active);
    while($names = mysql_fetch_assoc($value)){
    $check_ip = $names['user_ip'];
    }
    $active2 = "SELECT * FROM $account_table WHERE user_name='$user_name';";
    $value2 = mysql_query($active2);
    while($names2 = mysql_fetch_assoc($value2)){
    $check_name = $names2['user_name'];
    }
     
    if($check_ip != $user_ip && $check_name != $user_name){// if ip and username not the same - create account
    mysql_query($sql) or die(mysql_error());
    echo 1;
    }
    else{
    echo error;
    }
    mysql_close($con);
    //the actual work
     
    ?>

    save this as activation.php​
    Code:
    <?php
    //DB
    $mysql_host = "000webhost";
    $mysql_database = "000webhost";
    $mysql_user = "000webhost";
    $mysql_password = "000webhost";
    $account_table = "accounts";
    //Link Info
    $user_ip = $_SERVER['REMOTE_ADDR'];
    $user_name = $_GET['un'];
    $user_pass = $_GET['up'];
    $user_email = $_GET['ue'];
    $user_activated = "not active";
    $activation_link = $_GET['al'];
    //Connecting
    $con = mysql_connect($mysql_host, $mysql_user, $mysql_password);
    if(!con){
        die('could not connect: '. mysql_error());
    }
    //Selecting and Queries to send to db
    $db_selected = mysql_select_db("$mysql_database") or die('could not connect: '. mysql_error());
    $update = "UPDATE `$mysql_database`.`$account_table` SET user_activated='active' WHERE user_name='$user_name' AND user_active_link='$activation_link';";
    $active = "SELECT * FROM `$mysql_database`.`$account_table` WHERE user_name='$user_name' AND user_active_link='$activation_link';";
    $value = mysql_query($active);
    while($names = mysql_fetch_assoc($value)){
    $check_link = $names['user_active_link'];
    $check_ip = $names['user_ip'];
    $check_name = $names['user_name'];
    $check_pass = $names['user_pass'];
    }
    if( $check_name == $user_name && $check_pass == $user_pass && $check_link == $activation_link){// if ip and username are the same - login
    mysql_query($update) or die(mysql_error());
    echo 1;
    }
    else{
    echo error;
    }
    mysql_close($con);
    //the actual work
    ?>

    Save this as login.php​
    Code:
    <?php
    //DB
    $mysql_host = "000webhost";
    $mysql_database = "000webhost";
    $mysql_user = "000webhost";
    $mysql_password = "000webhost";
    $account_table = "accounts";
    //Link Info
    $user_ip = $_SERVER['REMOTE_ADDR'];
    $user_name = $_GET['sn'];
    $user_pass = $_GET['sp'];
    $user_email = $_GET['se'];
    $user_activated = "not active";
    $activation_link = $_GET['sal'];
    //Connecting
    $con = mysql_connect($mysql_host, $mysql_user, $mysql_password);
    if(!con){
        die('could not connect: '. mysql_error());
    }
    //Selecting and Queries to send to db
    $db_selected = mysql_select_db("$mysql_database") or die('could not connect: '. mysql_error());
    $update = "UPDATE `$mysql_database`.`$account_table` SET user_activated='active' WHERE user_name='$user_name' AND user_active_link='$activation_link';";
    $active = "SELECT * FROM `$mysql_database`.`$account_table` WHERE user_name='$user_name' AND user_ip='$user_ip';";
    $value = mysql_query($active);
    while($names = mysql_fetch_assoc($value)){
    $check_ip = $names['user_ip'];
    $check_name = $names['user_name'];
    $check_pass = $names['user_pass'];
    }
    if(check_name == $user_name && $check_pass == $user_pass){// if ip and username are the same - login
    mysql_query($update) or die(mysql_error());
    echo 1;
    }
    else{
    echo error;
    }
    mysql_close($con);
    //the actual work
    ?>


    Make this a db class and include it into form1 or what ever.​

    remember:
    textBox1.text = username
    textBox2.text = pass
    textBox3.text = email

    Code:
    using System.Security.Cryptography;
    using System.Net;
    using System.IO;
    class db
        {
            public static string user;
            public static string sha1(string originalPassword)
            {
     
                Byte[] originalBytes;
                Byte[] encodedBytes;
     
                SHA1 sha1;
                originalPassword = originalPassword.ToLower();
                sha1 = new SHA1CryptoServiceProvider();
                originalBytes = ASCIIEncoding.Default.GetBytes(originalPassword);
                encodedBytes = sha1.ComputeHash(originalBytes);
                originalPassword = BitConverter.ToString(encodedBytes);
                originalPassword = originalPassword.Replace("-", "");
                originalPassword = originalPassword.ToLower();
     
                return originalPassword;
     
            }
            string site = "http://yoursite.com/";
            public static string register(string username, string password, string email, string act_link)
            {
                string s = string.Empty;
                try
                {
                    HttpWebRequest wr = (HttpWebRequest)WebRequest.Create(site+"register.php?u="+username+"&p="+sha1(password)+"&e="+email+"&tmp="+sha1(act_link));
                    StreamReader sr = new StreamReader(wr.GetResponse().GetResponseStream());
                    s = sr.ReadToEnd();
                }
                catch (Exception ex) { }
                return s;
            }
     
            public static string activate(string username, string password,string act_link)
            {
                string s = string.Empty;
                try
                {
                    HttpWebRequest wr = (HttpWebRequest)WebRequest.Create(site+ "activate.php?un=" + username + "&up=" + sha1(password) + "&al=" + sha1(act_link));
                    StreamReader sr = new StreamReader(wr.GetResponse().GetResponseStream());
                    s = sr.ReadToEnd();
                }
                catch (Exception ex) { }
                return s;
            }
     
            public static string login(string username, string password)
            {
                string s = string.Empty;
                try
                {
                    HttpWebRequest wr = (HttpWebRequest)WebRequest.Create(site+ "login.php?sn=" + username + "&sp=" + sha1(password));
                    StreamReader sr = new StreamReader(wr.GetResponse().GetResponseStream());
                    s = sr.ReadToEnd();
           
                }
                catch (Exception ex) { }
                return s;
            }
        }
    Code:
    //You can split it where it says else(for login) and put that in button 1
    //As for button2 you can use the above code before the login code and input that into button1
    if (/* Boolean for Register */)
                {
                    if (MessageBox.Show("Do You Want To Register?", "Registration", MessageBoxButtons.YesNo, MessageBoxIcon.Information) == DialogResult.Yes)
                    {
                        if (db.register(textBox1.Text, textBox2.Text, textBox3.text, textBox3.text + textBox2.Text).Contains("1"))
                        {
                            if (MessageBox.Show("Registered! Do you want to active your account", "Do You?", MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation) == DialogResult.Yes)
                            {
                                if (db.activate(textBox1.Text, textBox2.Text, textBox3.text + textBox2.Text).Contains("1"))
                                {
                                    MessageBox.Show("Account Activated.", "Successfull", MessageBoxButtons.OK, MessageBoxIcon.Information);
                                }
                            }
                        }
                        else
                        {
                            if (MessageBox.Show("Not sure if you created an account before, but do you wanna try to activate it?", "Do You?", MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation) == DialogResult.Yes)
                            {
                                if (db.activate(textBox1.Text, textBox2.Text, textBox3.text + textBox2.Text).Contains("1"))
                                {
                                    MessageBox.Show("Account Activated.", "Successfull", MessageBoxButtons.OK, MessageBoxIcon.Information);
                                }
                                else
                                {
                                    MessageBox.Show("Error", "Wrong Login Info", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
                                }
                            }
                        }
                    }
                    else
                    {
     
                    }
                }
                else
                {
                    if (db.login(textBox1.text, textBox2.text).Contains("1"))
                    {
                        MessageBox.Show("Logged In!", "Successfull Login", MessageBoxButtons.OK, MessageBoxIcon.Information);
           
                    }
                    else
                    {
                        MessageBox.Show("Unsuccessful", "UnSuccessfull Login", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
                    }
                }
     
  2. AAW

    AAW Developer XPG Developer Lifetime Gold
    85/94

    Joined:
    Aug 6, 2012
    Messages:
    652
    Likes Received:
    690
    Trophy Points:
    85
    Gender:
    Male
    Location:
    Inside XPG
    Console:
    Xbox
    hmm storing database information in the .php files are dangerous, make it read them from another file and then have the permissions so noone can read that "Connections.php", better security ;)

    You'll thank me later :p
     

Share This Page

Close