[PHP] Scripts & Tutorials

[killermickle]

Index

1. Contact form

2. Shoutbox

3. User system


I may also make a series of CSS tutorials :]



All of these scripts are made by me alone.
If you find any Bugs or errors Don't hesistate to tell me.


You can also edit any of these scripts to you're liking... Aslong as when or if you re-post them, you give me some credit... Which seems fair to me.





Contact form

Okay, This is a really simple contact form, Using PHP for verification.


So let's start.

Name this as contact.php

HTML Code:

<form method="POST" action="process.php">
<!-- This is the start of the form. You'll notice the action is set to process.php you'll find out more about that later in the tutorial -->
<div align="center">
<table border="0" cellpadding="0" width="400">
<!-- Start of the table that contains the form fields -->
<tr
<td width="117">Name:</td>
<td><input type="text" name="name" size="30" /></td>
</tr>
<tr>
<td width="117">Email Address:</td>
<td><input type="text" name="email" size="30" /></td>
</tr>
<tr>
<td width="117">Subject:</td>
<td><select size="1" name="subject">
<option>Please Select</option>
<option>Option 2</option>
<option>Option 3</option>
<!-- To add more options just use the option tags and put whatever you like.. -->
</select></td>
</tr>
<tr>
<td width="117">Message:</td>
<td><textarea rows="7" name="message" cols="30"></textarea></td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" value="Submit Form" name="send" /></td>
</tr>
</table>
<!-- End of the table -->
</div>
</form>
<!-- End of the form -->

I've left some comments in there for newbies :]




Now the form action, it's named as process.php... and will be the file that will processes the form input and sends it to your email address. Let's make this file now.

PHP Code:

<?php
//Open PHP Tags
if($_SERVER['REQUEST_METHOD'] != "GET")
//If the form has been submitted and the method isn't GET
{
    $name = $_POST['name'];
    $email = $_POST['email'];
    $sub = $_POST['sub'];
    $message = $_POST['message'];
    //Create variables for each of the form fields
    $ip = $_SERVER['REMOTE_ADDR'];
    //Create a variable for the users IP address
}
//Now we start validating the form so there's no blank entries.
if (!$name || !$email || !$message || $sub == "Please Select")
//If any of the fields above are blank
{    
    echo("Error, you left all or some of the fields blank! They are listed below:<p>");
    //Output an error message
    //Now we start validating each field
    if (!$name)
    {
        echo("- The Name field was left blank!<br />");
    }
    if (!$email)
    {
        echo("- The Email field was left blank!<br >");
    }
    if ($sub == "Please Select")
    {
        echo("- You didn't choose a subject!<br />");
    }
    if (!$message)
    {
        echo("- The Message field was left blank!</p>");
    } 
    die("<p>Form not submitted!</p>");
    //Kill the process so it doesn't submit blanks.
}
$msg = "
Name:
$name
Email Address: 
$email
Message:
$message
";
//Create a variable for the message sent to your email address.
$subject = "Contact form submission ($sub) From $name";
//Create a variable for the message subject.
mail("you@email.com", $subject, $msg);
//mail the form to your email address, edit the address above!
?>
<html>
Thanks or whatever here..
</html>

And that's it...
For some help on PHP, i recommend visiting:
http://www.w3schools.com/php/default.asp

I've put some comments in, To make it easier to understand for newbies...
















Shoutbox




Okay, This is a basic shoutbox that uses, PHP and MySQL.

Anyway,

Firstly you need to create a database...
Then run this query in PHPMyAdmin

Code:

CREATE TABLE `shout`(
`id` int(10) NOT NULL auto_increment,
`name` varchar(100) NOT NULL, 
`shout` varchar(255) NOT NULL,
`ip` varchar(15) NOT NULL,
PRIMARY KEY(`id`)
);

Now to make shoutbox.php

PHP Code:

<?php
$host = "localhost";
//Database host, normally localhost
$dbname = "EDIT";
//Database Name
$dbuser = "EDIT";
//Database Username
$dbpass = "EDIT";
//Database Password.
mysql_connect("$host", "$dbuser", "$dbpass");
mysql_select_db($dbname);
//Connects to your Database.

function secure($value)
{
$value = strip_tags($value);
$value = addslashes($value);
$value = stripslashes($value);
$value = htmlspecialchars($value);
$value = mysql_escape_string($value);
return($value);
}
//Secure function to help support SQL Server injection.

if(isset($_POST['shout']))
//Checks if the form has been submitted.
{
    $name = secure($_POST['name']);
    //Variable for the Name field
    $shout = secure(nl2br($_POST['msg']));
    //Variable for the Shout field
    $ip = $_SERVER['REMOTE_ADDR'];
    //Varaible for the Users IP address
    mysql_query("INSERT INTO `shout` (`name`, `shout`, `ip`) VALUES ('$name', '$shout', '$ip')");
    //Inserts the shout into the database.
}
//End the if statement.
$shouts = mysql_query("SELECT * FROM `shout` ORDER BY `id` DESC LIMIT 5");
//Gets the shouts from the database.
echo("<p>");
while($s = mysql_fetch_array($shouts))
{
    echo("<strong>" . stripslashes(secure($s[name])) . "</strong><br />" . stripslashes(nl2br($s[shout])) . "<br />");
}
//Displays the shouts
echo("</p>");
echo("<form method=\"post\">
    Name:<br />
    <input type=\"text\" name=\"name\" /><br />
    Shout: <br />
    <textarea cols=\"30\" rows=\"5\" name=\"msg\"></textarea><br />
    <input type=\"submit\" value=\"Shout!\" name=\"shout\" />");
    //The Shout form.
?>

You should save this as shoutbox.php.
Also, Remember to change the settings... Which i have write as "EDIT".

And I've commented almost every line, for the newbies.








I'm putting the user system in a new post, As i don't have enough room.

[killermickle]

User system



This is my own user system script, i'd say it's fairly safe, anyway here it is..

First, you need to create your database.
Then go into PHPMyAdmin and run this query:

Code:

CREATE TABLE `users` (
`id` int(10) NOT NULL auto_increment,
`username` varchar(30) NOT NULL default '',
`password` varchar(255) NOT NULL default '',
`email` varchar(60) NOT NULL default '',
`level` int(1) NOT NULL default '5',
PRIMARY KEY (`id`)
) TYPE=MyISAM;

Now we need our config file. This will contain the stuff we use alot throughout the script - Database connection for example.

PHP Code:

<?php
ob_start();
//Enables Cookies.

$host = "localhost";
//Databse Host..
$username = "DBUSER";
//Databse User..
$password = "PASSWORD";
//Databse Password..
$dbname = "DBNAME";
//Databse Name..
$connect = mysql_connect("$host", "$username", "$password");
$connection = mysql_select_db($dbname);
//Databse Connection.. edit the parts in capitals with your details

function secure($value)
{
$value = mysql_real_escape_string($value);
$value = strip_tags($value);
$value = addslashes($value);
$value = htmlspecialchars($value);
$value = mysql_escape_string($value);
return($value);
}
//Function i've created to secure form fields and make the system more secure.

$user = mysql_query("SELECT * FROM `users` WHERE `id` = '" . secure($_COOKIE['id']) . "' AND `password` = '" . secure($_COOKIE['pass']) . "'");
$user = mysql_fetch_array($user);
//Fetch array for later use..
?>

Save that as config.php.





Now for the register page:

PHP Code:

<?php
include("config.php");
//Includes your config file.
if(isset($_POST['register']))
//Checks if the form's been submitted.
{
$username = secure($_POST['username']);
$pass = secure($_POST['pass']);
$confpass = secure($_POST['confpass']);
$email = secure($_POST['email']);
$rules = $_POST['rules'];
//Creates variabes for the form output. Notice they're protected by the function we created.
if(strlen($username) < 3 || strlen($username) > 30)
//Checks if the username is long enough or too long
{
    echo("Your Username is Too short or too long. Minumum length 3 Max length 30.");
    //Tell the user
}
else
{
    if(strlen($pass) < 6)
    //Checks if the password is long enough.
    {
        echo("Your password is too short, minumum lenght is 6 characters.");
        //Tell the user
    }
    else
    {
        if($pass != $confpass)
        //Checks if the passwords match.
        {
            echo("Your passwords do not match");
            //Tell the user.
        }
        else
        {
            $check = mysql_query("SELECT * FROM `users` WHERE `username` = '$username'");
            $check = mysql_num_rows($check);
            //checking if the username exists in the database
            if($check > 0)
            {
                echo("This username already exists in our database, please choose another.");
                //Tell the user.
            }
            else
            {
                $check2 = mysql_query("SELECT * FROM `users` WHERE `email` = '$email'");
                $check2 = mysql_num_rows($check2);
                //Checking if the email address exists in the database
                if($check2 > 0)
                {
                    echo("This email already exists in our database, please use another one.");
                    //Tell the user
                }
                else
                {
                    if(!$rules)
                    {
                        echo("You must agree to the rules before you can register!");
                    }
                    else
                    {
                        $pass = md5($pass);
                        //Encrypt the password
                        mysql_query("INSERT INTO `users` (`username`, `password`, `email`) VALUES('$username', '$pass', '$email')") or die(mysql_error());
                        //Isert the details into the database
                        echo("Thank you for registering, you may now login!");
                        //Tell the user
                    }
                }
            }
        }
    }
}
}
else
//If the form's not posted
{
echo("<p align=\"center\"><strong>Register</strong></p>
<p>Please use the form below to register your account.</p>
<p>
<form method=\"post\" action=\"register.php?do=register\">
<table width=\"400\" border=\"0\" cellspacing=\"2\" cellpadding=\"0\">
  <tr>
    <td width=\"150\">Username:</td>
    <td width=\"244\"><input type=\"text\" name=\"username\" size=\"30\" /></td>
  </tr>
  <tr>
    <td>Password:</td>
    <td><input type=\"password\" name=\"pass\" size=\"30\" /></td>
  </tr>
  <tr>
    <td>Confirm Password: </td>
    <td><input type=\"password\" name=\"confpass\" size=\"30\" /></td>
  </tr>
  <tr>
    <td>Email Address: </td>
    <td><input type=\"text\" name=\"email\" size=\"30\" /></td>
  </tr>
  <tr>
    <td colspan=\"2\"><textarea readonly=\"readonly\" name=\"textarea\" cols=\"60\" rows=\"6\">Site rules

1. Blahhhhh
2. Blahhhhh
3. Blahhhhh
4. Blahhhhh
5. Blahhhhh
6. Blahhhhh
7. Blahhhhh</textarea></td>
  </tr>
  <tr>
    <td colspan=\"2\"><input name=\"rules\" type=\"checkbox\" id=\"rules\" value=\"rules\" />
      I agree to the rules.. </td>
  </tr>
  <tr>
    <td colspan=\"2\"><div align=\"center\">
      <input name=\"register\" type=\"submit\" id=\"register\" value=\"Sign Up\" />
    </div></td>
  </tr>
</table>
</form></p>");
//The registration form.
}
?>

save as register.php



Now we need our login page:

PHP Code:

<?php
include("config.php");
//includes our config page
if(!$user[username])
{
if(isset($_POST['login']))
{
$username = secure($_POST['username']);
$pass = secure(md5($_POST['pass']));
$check = mysql_query("SELECT * FROM `users` WHERE `username` = '$username'");
$fetch = mysql_fetch_array($check);
if($fetch[password] != $pass)
{
    echo("Error! Incorrect username or password, please try again.");
}
else
{
    $cookie = mysql_query("SELECT * FROM `users` WHERE `username` = '$username'");
    $cookie = mysql_fetch_assoc($cookie);
    
    setcookie("id", $cookie[id], time()+3600);
    //Sets a cookie to keep the user logged in for an hour (3600 seconds)
    echo("<meta http-equiv=\"Refresh\" content=\"1;\"/>Login successfull, please wait!");
}
}
else
{
    echo("<form method=\"post\">
<table width=\"200\" border=\"0\" cellspacing=\"2\" cellpadding=\"0\">
  <tr>
    <td width=\"90\">Username:</td>
    <td align=\"left\"><input name=\"username\" type=\"text\" size=\"20\" /></td>
  </tr>
  <tr>
    <td width=\"90\">Password:</td>
    <td align=\"left\"><input name=\"pass\" type=\"password\" size=\"20\" /></td>
  </tr>
  <tr>
    <td colspan=\"2\"><div align=\"center\">
      <input name=\"login\" type=\"submit\" value=\"Login\" />
    </div></td>
  </tr>
  <tr>
  <td colspan=\"2\" align=\"center\"><a href=\"register.php\">Register</a></td></tr>
</table>
</form>");
}
}
else
{
    echo("Welcome, $user[username],
    <p><strong>User Menu</strong><br />
    - Blah<br />
    - Blah<br />
    - Blah<br />
    </p>");
}
?>

Save as logout.php



Anyway, there may be a few errors... Its been tested though.
I've put alot of comments in this script, to help newbies :]

[DPS Computing]

Are there supposed to be links in there because if there is I can't find them .

EDIT: Sorry they have appeared now in the post just above this one!

[killermickle]

Hehe, Yes...


I was just finishing the post :>

[paul]

I would recommend killerphp.com ( php video tutorial ) & in2.php.net/tut.php nice tutorial for beginners.

[DPS Computing]

Quote:

Originally Posted by killermickle

Hehe, Yes...


I was just finishing the post :>

hehe, none of the code showed up when I made my post so I thought there was some links missing or something. The a minute or so later the code appeared .

[Mohsen32]

thanq!!
really useful tutorials