jimmy89 0 Report post Posted July 2, 2007 Hi all,I have a friend who, for his extended IT project is interested in making a website partly out of php. When he asked for advice my first thought was here. I would like to know some good websites, tutorials etc that he can use to introduce himself to php (he hasn't done much before).He is interested in making a simple login/subscription service where you can signup and then login to a 'members only' page. Any ideas and code samples that you have to share would be greatly appreciated. Thanks,-jimmy Notice from BuffaloHELP: Jimmy, you need to work on making topic title very specific. Share this post Link to post Share on other sites
iGuest 3 Report post Posted July 2, 2007 I'm beginning to doubt the use of "simple".The languages/markup involved would be HTML, CSS, PHP and MySQL other languages can be used or alternatives can be used but this is probably the least you would need to know.Before you begin any project (and this is similar for starting business too), you should write down a plan of what you want to achieve. You have a fair idea on the concept, but you really need to set forth goals so write down exactly what you'd like to happen and take it from there. A lot of people jump straight into coding and it can get really messy if it hasn't been properly planned.Security should always be on your mind, but not in the back of your mind. If you know the risks and know ways to prevent them, then always ensure you have this. I could talk a lot on just security in itself, but to get your friend started sooner I'll leave that for another day. View what's already out there, try to understand what they do, test them in ways you've never thought of before and see if what you expected is what happened.Try to work out the flow, you can't have a login page if you don't have the ability to add users, so you'd want to work on the subscription/registration.You'll need, a registration form with all the required details you'd want to know about your member and also a database to store this information. Also look into using CAPTCHA which helps prevent spam registrations.The database is quite a tricky thing too, you want to do your best to make sure it's close to correct at the beginning than find out it's not quite correct and you have to switch all your members over to another database because the old one wasn't implemented correctly. So plan the tables you'll want, of course you'll have the members username, password and email address (important it is checked to see it exists).There's other things you may want to consider, the date they signed up, the date they last logged in. This way you can run checks against your members, and if they're inactive for a while, you may consider removing them or placing them in a holding pen where if their login does happen to appear after being inactive for so long, you may get them to reactivate their account. If it's in the pen for so long, it's probably safe to remove their account. There's so many places that have a large number of members, but in reality it's usually a case of poor clean up.When they fill out and send this form, the information goes on hold. You'll ask them to activate this either clicking a link in their email or getting them to enter an activation code they received in their email, this confirms the email address is theres. So once activated, you can put the information into the database, if not activated within say 7 days, lose that information, it's just waiting space in the database.Once you have the ability to add users into your database, you can then look at a login form, which is possibly the simplest form you'd ever need, just one that takes the username and password, the backend would be checking the database if it exists and if it does exist, then let the server know they are now logged in by using sessions.Things to consider here is definitely security. A topic that can't be talked indepth, but at least make sure that too many attempts at logging in, logs the IP of the user and also puts the account into lock for a while and if they do need sooner access give them a means to contact you where you can just send an activation code to their email address. Never allow administrator accounts to be locked out though, Yahoo did this years ago and for the admins it wasn't funny, but for everyone else it was.So now that they are logged in they're going to need a way to access this members area, how they are presented with the navigation is up to the designer, maybe if successfully logged in they now have a members page link/button on their page they can access. The members page needs to have the ability to check if they are logged in, and if not, not allow the contents to be viewed.Then you've got to work backwards and inbetween and have a reversal of what you did. So you can add members, how can members be removed, maybe this would be administrative only. Have they forgotten their password? How can they reset it and have it sent to their email address? How can they change their information in the registration page they entered if it's now different? How can they log out?There's actually quite a lot of things to consider, which is why I'm questioning "simple", because mosts tasks like these aren't simple and people have spent endless hours trying to make the "best" membership system they see fit.The PHP PEAR extensions have quite a few classes that you could use to speed up the coding process, but it does require an understanding of classes. You can find them at http://pear.php.net/There are some tutorials that could help, that you'd find at http://www.phpfreaks.com/ where I believe they actually have a tutorial on creating a membership system, this should help.There's a lot I missed out, but the reason for writing so much. If I ever get the urge to do a membership system, at least I can refer to some of my notes I've left here, and if possible, alter them as the ideas change.Cheers,MC Share this post Link to post Share on other sites
jimmy89 0 Report post Posted July 2, 2007 thanks heaps for this! I'll forward it all to my friend and see what he thinks - and if he thinks its a viable idea still! Ill get back to you if there is anything else he wants to know!if anyone else has good tutorials sites - I'd love to hear of them!Thanks-jimmy Share this post Link to post Share on other sites
Arbitrary 0 Report post Posted July 2, 2007 Before you begin any project (and this is similar for starting business too), you should write down a plan of what you want to achieve. You have a fair idea on the concept, but you really need to set forth goals so write down exactly what you'd like to happen and take it from there. A lot of people jump straight into coding and it can get really messy if it hasn't been properly planned. This is especially true. I learned this from experience (in a bad way). Most of my code turned out to be a major mess with repeat snippets everywhere. Later on, when I wanted to fix a mistake in the code, I found that it was nearly impossible to locate where the error was. Fixing it became an even greater nightmare as since it was already messy I thought it was fine just to stick a few patches here and there. This left the code even worse off. For security, always make sure you take care of sql injections (look here: http://www.unixwiz.net/techtips/sql-injection.html) PHP's addslashes function was made especially for that purpose, I'd think. If your friend loathes to take care of the nitty gritty aspects of security, then he could probably download one of the numerous PHP classes (if you Google) out there catered to security. The PHP PEAR extensions have quite a few classes that you could use to speed up the coding process, but it does require an understanding of classes. You can find them at http://pear.php.net/PEAR is definitely great. And while I'm at it, I might as well suggest using a PHP framework. I would recommend CakePHP -- it takes care of much of the issues that were mentioned earlier in a rather nice model-controller-view format. (The model is the object that accesses the database, so you could have a model like 'User'. The controller is like the verb of a sentence--it does most of the business logic. The view takes care of the design. ) For CakePHP, there is built-in validation specified by Perl regular expressions and security is taken care of by a class called 'sanitize'. With 'sanitize', you can specify different levels of security, from its paranoid function (which takes out all characters in a string besides those that are alphanumeric) to its sql function (which takes advantage of PHP's addslashes function). Share this post Link to post Share on other sites
iGuest 3 Report post Posted August 22, 2008 Database connectivity Basics Of Php For Beginners - Suggestion Dear friends, I am new to php,I want to know is thei any integrated software of server such as apache ,php and my sql.If yes please tell me the link to that else tell me how to do connectivity in php with server and databse. Waiting For Your response -question by Alim Khan --------- Your Web host will give you a Control Panel called PHPmyADMIN. Use it to access your Database -Shree Share this post Link to post Share on other sites
iGuest 3 Report post Posted August 24, 2008 Database connectivity Basics Of Php For Beginners - Suggestion Dear friends, I am new to php,I want to know is thei any integrated software of server such as apache ,php and my sql.If yes please tell me the link to that else tell me how to do connectivity in php with server and databse. Waiting For Your response -question by Alim Khan --------- Your Web host will give you a Control Panel called PHPmyADMIN. Use it to access your Database -Shree Google XAMPP for an integrated one-click installer of php, mysql, Apache and several other softwares that can allow you to run a Loacl server on your own machine for the purpose of testing scripts before publishing them onto your Hosting Server. Share this post Link to post Share on other sites