 |
| A Complete Membership System |
pages (4): 1 2 3 [4] |
|
 |
 |
Logout Script (logout.php)
Well, this is one
of the simplest scripts ever, and doesn’t involve much work:
<?php
session_start();
$_SESSION['s_logged_n'] = '';
$_SESSION['s_name'] = '';
$_SESSION['s_username'] = '';
session_destroy();
header("Location: login.php");
?>
|
It starts sessions, sets all the sessions
our scripts use to null, calls session_destroy() to kill the session,
and then
redirects to the login form. What else can I say?
Processing Member Commands (process.php)
This is the file that processes the member page options, allowing us to change
the password/email and shut accounts.
<?php
include 'config.php';
if(isset($_POST['changepassword']))
{
$current = trim($_POST['current']);
$new = trim($_POST['new']);
$confirm = trim($_POST['confirm']);
$pw = md5($current);
$query = mysql_query("SELECT * FROM Users WHERE Password = '$pw'
LIMIT 1") or die(mysql_error());
if(mysql_num_rows($query) > 0)
{
while($row = mysql_fetch_array($query))
{
if ( $_POST['new'] == $_POST['confirm'] )
{}else{
echo '<script>alert("Your passwords were not the same, please enter
the same password in each field.");</script>';
echo '<script>history.back(1);</script>';
exit;
}
$password = md5($new);
$do = mysql_query("UPDATE Users SET Password = '$password' WHERE
Password = '$pw' LIMIT 1") or die(mysql_error());
$dotwo = mysql_query("UPDATE Users SET Activated = 0 WHERE Password
= '$password' LIMIT 1") or die(mysql_error());
$send = mail($row['Email'] , "Password changed" , "Your password has
been changed to: ".trim($_POST['new'])."\n\nYou can change it again
via the members only panel, but first you must re-activate your
account:\nhttp://CHANGETHISURL.COM/activate.php?id=".$row['Actkey']."\n\nDo
not reply to this email, it is automated. Thanks." , "From: auto@mailer.com");
if((($do)&&($dotwo)&&($send)))
{
echo '<script>alert("Password changed. You will now be logged out
and you must re-activate your account, check your email, a
confirmation email has been sent.");</script>';
echo '<script>location.replace("logout.php");</script>';
exit;
} else {
echo '<script>alert("There appears to have been an error in the
script. 1 or 2 of 3 things may have happened:\n\n• Your
password could have been reset/changed\n• Your account could
have been deactivated, see the resend validation email page\n•
Your email may not have been sent.\n\nYou will now be logged out, if
you are not able to login, reset your password using the form, or
resend the validation email to activate your account again.\n\nWe
are sorry for the inconvenience.");</script>';
echo '<script>location.replace("logout.php");</script>';
exit;
}
}
} else {
echo '<script>alert("Incorrect password.");</script>';
echo '<script>history.back(1);</script>';
exit;
}
}
if(isset($_POST['changeemail']))
{
$current = trim($_POST['current']);
$new = trim($_POST['new']);
$confirm = trim($_POST['confirm']);
$query = mysql_query("SELECT * FROM Users WHERE Email = '$current'
LIMIT 1") or die(mysql_error());
if(mysql_num_rows($query) > 0)
{
while($row = mysql_fetch_array($query))
{
if ( $_POST['new'] == $_POST['confirm'] )
{}else{
echo '<script>alert("Your email addresses were not the same, please
enter the same email to confirm.");</script>';
echo '<script>history.back(1);</script>';
exit;
}
$do = mysql_query("UPDATE Users SET Email = '$new' WHERE Email =
'$current' LIMIT 1") or die(mysql_error());
$dotwo = mysql_query("UPDATE Users SET Activated = 0 WHERE Email =
'$new' LIMIT 1") or die(mysql_error());
$send = mail($row['Email'] , "Email changed" , "Your email has been
changed to: ".trim($_POST['new'])."\n\nYou can change it again via
the members only panel, but first you must re-activate your
account:\nhttp://CHANGETHISURL.COM/activate.php?id=".$row['Actkey']."\n\nDo
not reply to this email, it is automated. Thanks." , "From: auto@mailer.com");
if((($do)&&($dotwo)&&($send)))
{
echo '<script>alert("Email changed. You will now be logged out and
you must re-activate your account, check your email, a confirmation
email has been sent.");</script>';
echo '<script>location.replace("logout.php");</script>';
exit;
} else {
echo '<script>alert("There appears to have been an error in the
script. 1 or 2 of 3 things may have happened:\n\n• Your email
could have been reset/changed\n• Your account could have been
deactivated, see the resend validation email page\n• Your email
may not have been sent.\n\nYou will now be logged out, if you are
unable to login or cannot resend the validation email to either
addresses, please contact the administrator.\n\nWe are sorry for the
inconvenience.");</script>';
echo '<script>location.replace("logout.php");</script>';
exit;
}
}
} else {
echo '<script>alert("Incorrect email.");</script>';
echo '<script>history.back(1);</script>';
exit;
}
}
if(isset($_POST['closeaccount']))
{
$username = $_SESSION['s_username'];
$do = mysql_query("DELETE FROM Users WHERE Username = '$username'
LIMIT 1") or die(mysql_error());
if($do){
echo '<script>alert("Your account has now been closed, thank you for
being with us. You will now be logged out.");</script>';
echo '<script>location.replace("logout.php");</script>';
exit;
} else {
echo '<script>alert("Your account has NOT been closed, there was an
error in the processing of this script, you will now be redirected
back, please try again.");</script>';
echo '<script>history.back(1);</script>';
exit;
}
}
?>
|
This looks like a pretty huge script, but actually consists
of three main IF statements. This file gets included in the member.php page, so if one of the forms gets submitted this script detects it,
processes the correct code, and then dies peacefully so that unwanted code does
not get executed. The first two IF statements are very similar indeed - The first checks
that the
current password is correct, that the new and confirmed passwords are the same,
updates the database, deactivates the users account then gives the user a
message & redirects to be logged out. The second is the same except for e-mail
addresses, and sends an e-mail to the new e-mail address.
Once again, you must change the URL in the first and second mail() functions to
your URL. This is a stupid place to mention it (right at the end of the
tutorial) but you may want to define a variable that holds this URL, and just
include the variable each time instead of the URL. This can be done in under
five minutes.
Well, after numerous pages of code and explanations, we’re finished! If you have any
questions or comments, feel free to contact me on the
Creative Forums or click my name below to visit my profile where you can Private
Message or Email me. Registration may be required.
If you wish to download the source code files for this tutorial, click
here
to download a .ZIP file containing all of the files used above and a style.css
file to make your website look even snazzier. I hope this tutorial has helped
you!
- Tutorial written by Scrowler
| |  | |  | | Last 5 User Comments | | |
There are no comments for this tutorial yet.
You can place a comment by clicking here. |
|
|
|
|
|
|
Forum Threads
|
|
|
 Deactivate Account
Author: jerinian
Posted: Oct 02nd, 11:16am
Activity: 1 replies, 887 views
|  |  changes....
Author: supertackyman
Posted: Sep 12th, 2:56am
Activity: 2 replies, 1052 views
| |
| | |
