I find a bug into your class.login.php. if you use a development server and enabled the php errors and warnings you will get a undefined token error. Because in the constructor you define the token : $this->_token = $_POST['token']; So if your creating a new file and initialise the login class you will get the post error because it's not existing var... so what I did to fix this little bug is change the token definition to :

$this->_token = isset($_POST['token']);

@domentarion Thank you for the comment. I think you might have misunderstood what the POST variable token does. The POST token variable is a randomly generated value used to validate if a form submission is unique during the current session. Your code suggestion only checks if any token value has been submitted. You actually need to generate a unique value during the current session and then validate that it came from the same session.

@domentarion $this->_token = isset($_POST['token']); actually gives you a TRUE or FALSE value. This is flawed because I can easily submit data from a form on another domain and your code will accept it. The code that I put for download didn't have any bugs when I tested it. So it should be fine. Let me know if you still have trouble. Thanks.

@domentarion Try using this line of code

$this->_token = isset($_POST['token'])? $_POST['token'] : 0;

while ERROR like this

Warning: Invalid argument supplied for foreach() in class.login.php on line xxx

how do you log out?

i was wondering that too.......

I downloaded the example and is not working.

i see all the videos bt in end i got result

"Forbidden You don't have permission to access /user(its folder name)/< on this server."

so wht's the problem.

i see the videos again and again but show again same error. totaly confuss.

tnx

WoW man ur really awesome ur scripts are amazing big rating and I was wondering if you could make a video about "making comments on websites" like these on youtube cheers much appreciated

I downloaded this script, it doesnt work. I called the Database example and the table users, but I cant login. Phpmyadmin showed me this:

1 row(s) inserted.

Warning: #1265 Data truncated for column 'password' at row 1

I hope anyone can help me

its not woring promblem arround mysql_num_rows($data)

its not working

How would you do redirect the person to a webpage instead of were it say members area

I got an error about the undifined index token. Solved by putting an isset($_POST['token']) arround the token variable in the login class.

@Grumbkow

So, to simplify to all noobs, like me, replace:

$this->_token = $_POST['token'];

by:

$this->_token = isset($_POST['token']);

Thanks, man, for the solution :)

works fine for mine. Few problems but solved with the help of the posts here so thanks to all including the author. Now how do I add a logout button or link on the members area?

And a final question: how secure is this? (found so any with google but they are either incomplete or simple systems) Can i trust to put this on my website without any worries? I don't want it to be hacked by any idiot or amateur hacker.

Great tutorials btw. Thanks!

Hello! hey, when i try to execute the same code it shows me ERRORS as Invalid argument supplied for foreach()...How to rectify?

I got all the way to the end of the tutorial and everything seems to be working ok. However, I am unable to successfully log in. I am thinking it may have something to do with the way I set up the username and password in phpmyadmin, but I'm not sure. Any suggestions? Thanks and good tutorial ty.

Thank you for this tutorial, great job!!!!!! Realy helpful!

Realy helpful ! Thanks !

So I guess this is the object-oriented programming I often hear about... I like it a lot. Gonna try to do it this way from now on. Great tutorial.

Great tutorial. I've been having trouble grasping OOP but for some reason things made sense after listening to this (well at least a little more sense anyway!). Thanks and keep em coming!

what i must do, to save a site? visible only for logged in users ?

great tut! :)

Hi

I've created a virtual host, used the sql you posted to create a table and set the database connection string in class.login.php. But when I submit the login form I just get a completely blank page (address still at login.php). I've stared at this for a while but can't figure it out (I'm a noob). Could you advise me please?

Thank you for this tut!

i get redirected to my index.php file but "frontpage" is what is being displayed i need help

Great tutorial! Although I don't understand why your using isDataValid to check if the data is valid! Haven't you already used filter to replace any invalid data?

This is great tutorial. Thanks for that and hope will be more

I have the same probleme when i try to log in it gave me: "Undefined index: token in \....\class.login.php on line 20

Members Area"

Can someone HELP me pls!

I've the same issue ... has anyone solved this problem ?

thnx aloot:)

Good tut, thx but what about loggedOut function ? And, when I including login.php in my index.php I have notice: Notice: Undefined index: token ... :/

@GreenMerlin

I have the same probleme!

@mooke4you

on line 20 replace : $this->_token = $_POST['token'];

by : $this->_token = ($this->_login) ? $_POST['token'] : $_SESSION['token'];

this should resolve the problem!

best regards

Hi, I have a problem when I try to log in it gives me "Parse error: parse error in C:\wamp..." Can someone help me? Pls ;-)

when i try to login PHP_SELF is not working. what seems to be the problem??

Can you give me more details about your problem. This script should be working properly.

Good System

Hi, I was following your tutorial but I am not able to get the same result. The shortcut echo doesn't work on me ( <?=$variableName  ).

I can see that you changed the shortcut echo on your uploaded tutorial file. But I still have a problem. I have already changed the database name in class.login.php but the thing is I cannot login to the database. In your example database, in the phpmyadmin, the password is encrypted. how did it happen? How can I encrypt it so that the script will work. Thanks for the good tutorial.

You can generate your own md5 password manually by doing the following:

echo md5("newpass");

then insert it, along with your username, into your table to test out the login system. If you have any more problems, let me know. I am happy to help =)

@binnie67

Hello. It looks like your php "short_open_tag" option set to "Off". To enable it, find the php.ini file inside your php directory, open it, and then find "short_open_tag" (without the quotes) and then set it to "On" (without the quotes). So it should look like this:

short_open_tag = On

Then you must restart your apache server for this to take effect. This only seems to be a problem for personal web-servers. Most hosting companies have this setting set to 'On' by default.

Really great, BTW you tought some OOP, too. :-)

Thanks and keep on! :-)