user registration and log in

Allowing users to register their own profiles on your site.

The main element of any ‘open to users to contribute by uploading thing and commenting’ type of site is allowing users to register for the site and have their own profile. Not only does this mean that your users feel more involved with and part of the site, it allows you to maintain a certain level of control over who can use your beloved piece of work. It’s essential to a ‘user-generated’ collaborative site. And thankfully, it’s rather straightforward to do.

Before starting, you’ll need to create a new table in your database which will be used to hold information about your users. Call it something like ‘users’ and (at the very least) have columns for ‘user_id’, ‘username’, ‘password’, ‘email’ and ‘access’. You may choose to add extra fields to store extra user information such as date joined, age, personal site, profile info etc.. but for the time being, ensure you have the crucial basics.

Users table

Then create a new page in Dreamweaver and save it as ‘register.php’. This will be the page that users utilise to create an account on your site and as such, will need a form on it to capture their information. Give your form a name of ‘register’ and place textfields called ‘username’, ‘password’ and ‘email’ into it. You can change the input type of the password field to ‘password’ which will turn anything typed into that box to ‘******’ symbols. Also place a hiddenfield in the form called ‘access’, with the value of ‘user’. This will be used to determine the level of access each user will have (so it will eventually be set up like ‘user’ / ‘moderator’ / ‘admin’ etc..).

Registration form

Then use the server behaviors tab in Dreamweaver (in the Applications panel) to set up an ‘insert record’ behavior and make sure that all the values match up accordingly. For the ‘after inserting..’ option, type in ‘register-confirm.php’.

Insert user information

That’s basically all you need for the registration page although do be aware that this form contains no validation or anything like password checking. All it does it take information from the form and place it into your users table.

If you now create a simple page called ‘register-confirm.php’ with some ‘Thanks for registering’ type of text on it, possibly also with a link to a page called ‘login.php’ somewhere, then you’ll have a friendly welcome to your newly registered users!

Many thanks!

Check new user
Returning to the register page in Dreamweaver, you can apply the server behavior of ‘Check New Username’ to do exactly what it sounds like it might do. It’ll ensure that any new applicants wont be able to register unless they have chosen a unique username. If they attempt to register with a name that’s already been taken, then they’ll be taken to a page of your choice, with a parameter in the URL of ‘requsername=WHATEVER NAME THEY ENTERED’. If you enter ‘register.php’ as the page to go to, then place somewhere near the form (in your code), the following:

<?
$desired = $_GET['requsername'];
if (isset($desired)) {
echo ("<p>Sorry, the username $desired has been taken.</p>");
}
?>

this will check whether that parameter has been defined, and if so, display an appropriate message.

Now create a new page called ‘login.php’ and place a form on it with the name of, cunningly, ‘login’. In that form, you’ll need a ‘username’ and a ‘password’ textfield (and a submit button).

Login form code

With the form in place, you can goto the server behaviors tab, then to the User Authentication option, and finally to the Log In User behavior. This will use the form on your login page to check whether the details match ones which exist in your database (checking the entered username against the corresponding password) and based on the results, will take the user wherever you specify.

Log in user

The really good thing about this behavior is that if the login is successful, the PHP code will create and assign two session variables which you can then use across your site. A session variable is as it sounds, a variable (which can store a piece of information) which will be present and available for as long as the user is on your site (one full ’session’ of browsing). This is perfect for carrying bits of information from page to page, without having to resort to the much less secure option of encoding within the URL string. This particular action includes the line;

$_SESSION['MM_Username'] = $loginUsername;

which creates a session variable called ‘MM_Username’ and assigns it the value from the login form. You can ‘pick up’ the current session on any page you like and access any session variables that have been created, but to do so, you must include the following at the very top of any page you wish to use sessions on.

<? session_start(); ?>

Crucial.

So, with that in mind, let’s return to our original ‘gallery’ page in Dreamweaver, and add the session_start on the very first line of code.

Session start

Then, to actually do something with the logged in user, add this inside your page body, under any page heading you may have.

<? if (isset($_SESSION['MM_Username'])) {
$name = $_SESSION['MM_Username'];
echo ("<p>Hi $name! Welcome back to the gallery.</p>");
} else {
echo ("<p>Please login</p>");
}
?>

This will check if the MM_Username has been registered, and if so, give a personalised welcome message.

Hello matt!

How nice :).

Finally, you can create a logout page (new PHP page, save it as ‘logout.php’) and strip it of all code. Then add the Log Out User behavior via the Server Behaviors tab > User Authentication. Set it so that the user will get logged out when the page loads, and put in a page to redirect to.

Log out user

To allow your users to logout then, you can merely create a link from anywhere on your site and point to this ‘logout.php’ page. Easy-peasy.

Stuff.