XML Login System
videos

Build a Login and Registration System with XML

on Feb 12th 2009 with 106 comments

Building an entire membership system can be a tedious, and time-consuming task. Tim Cooper is going to show us how to build the ENTIRE thing in roughly thirty minutes. Rather than using MYSQL as our database, Tim will instead demonstrate an alternate approach: using an XML file. We’ll be reviewing PHP, .htaccess files, sessions, and more!


  • Subscribe to the NETTUTS RSS Feed for more daily web development tuts and articles.


Tags: Videos
 
Enjoyed this Post?

Subscribe to our RSS Feed, Follow us on Twitter or simply recommend us to friends and colleagues!

By

Rollover to read this author's bio or click through to see a full list of posts by this author.

Hi, I'm Tim Cooper, aka techietim. I am currently a high school student in Nova Scotia, Canada with a lot of free time on my hands. I have been doing PHP work for about 4 years and I'm not planning on stopping.  

Plus Premium
 
 
Note: Want to add some source code? Type <pre><code> before it and </code></pre> after it. Find out more
Newer Comments
  • http://iamgp.com Gareth

    Interesting article: I will always would rather use MySQL though..

  • http://www.pcbymp.nl/mennopietersen ThaClown

    Pff… man you are fast!
    Alot to learn from this vid, I guess I should first finish the “Diving into PHP” series!

    Thanks alot man.

  • Pingback: Turulcsirip - Tamas Bogdan

  • http://yoosuf.awardspace.com/ M.A.Yoosuf

    ha, its great, but how fat its practical, because its like flat file system

  • http://www.van-ess.nl Groningen

    Damm nice tutorial, you also worked it out realy fine.

    Greetings from the netherlands

  • Eduardo

    I thought nothing could be faster than the speed of light…. I was wrong! LOL

  • http://www.webkitstudio.com Some Funky Dude

    I think this is a great tutorial on using the SimpleXMLElement object

    one thing I didn’t understand why preg_replace() was necessary on the username field but not the email input field

  • http://www.instantshift.com DKumar M.

    Impressive Tut Cooper… Nice and fast !!

  • Alessandro

    Thank you, maybe it’s not a perfect solution for a login system, but for some other data it can be very useful.

  • http://iamoneman.com Paul Davis

    This is BRILLIANT! O think, the best tutorial I’ve seen on NetTuts, for me anyway.

    Thanks Tim!

  • http://blog.insicdesigns.com insic

    very nice! well explained.

  • Dean

    Is it just me or can we not jump ahead in the video?

  • http://jeffhui.net/ Jeff Hui

    Nice tutorial! :)

    I’ll have to agree that using an file to store your login information isn’t the best implementation for user auth. I wasn’t aware of PHP’s support for xml manipulation. thanks

  • http://www.patternhead.com Patternhead

    Nice tut but I wonder how this would scale for systems with thousnads of users.

  • http://techietim.ca/ Tim Cooper
    Author

    Thanks for the comments!

    @Yoosuf, @Alessandro, @Jeff, @Patternhead: You’ve raised some valid questions. This solution would not be great for a large traffic site, as you said. The objective of the tutorial was to familiarize the users about the XML functions that are in PHP.

  • mokin

    Very nice tutorial! :)

  • http://www.indev.nl Matthijn

    Didnt see the movie to be honest, but I would never use a xml file to store my users in. A database is made for things like that, much faster.

    XML in my opinion is more on its place in RSS (so generated xml files, not static) and api’s.

  • noam

    Thumbs up for the speed! i loved the tut!!

    every time i watch a screencast i fast forward boring stuff… but in this one i didnt have to do it even once!! i think we should name those casts differently… like QUICKCAST :D

    *thumbs up*

  • Bharat

    Excellent tutorial! :)

  • Ryan Hickman

    Iffy Post — SimpleXML doesnt work in all environments — If someone were using 1and1 they would be screwed.

    I think this should have provided all 3 ways to access XML in php (simplexml, domDocument, xmlparser) and it would have been much more userful as a post.

    I will give a thumbs up thou… its not bad.

  • http://www.BigCode.com Nat

    Great Tut Tim. I agree with you: there are instances where apps based on flat xml data sources can be a simpler, more elegant solution than using a relational db – not necessarily for registration system – but cases do exist.

    And I agree with noam: the speed was refreshingly quick.

  • http://www.pushingbuttons.net Timothy

    Nice. Thanks

  • Rik Girbes

    thank you very much, i very much like it!!

    im making a small cms system for my school (hehe xD im about the only one in my school that knows about programming stuff)

    and this was perfect for a small group of users so thanks again!

    *thumbs up* <<== everybothy says that so why should I?!..

    bb

    Rik

  • http://jasonwilsondesign.com Jason

    To address both sides of the field here.

    No this is absolutely not a good solution for a site with anything more than a handful of users (or other data). However, XML is both smaller and faster, in certain situations, than the similar data transfer and query process of a database especially for situations where you will be accessing rarely changing data over and over again.

    Right tools for the right job.

  • Ryan Stubbs

    That was a really good tutorial. Might not be best for the login/registration but I’d never really understood how flat file systems were made until this. Thanks a lot!

  • rachid

    Why creating an XML file for every user instead of putting them all in one file :
    it will be very helpful if you want to check if the email does not already exist, or may be to get some user statistics !

    login
    exemple@exemple.com
    1234

    login
    exemple@exemple.com
    1234

    nice tut !!

  • http://blog.brenelz.com Brenelz

    Yeah… excellent screencast! Wish I was as good at them as you.

    On the other hand, I do think a seperate xml file for each is not very manageable. You could either put them all in one file:

    Or even preferably use PHP/MySQL, but I know you wanted to show XML :)

  • http://techietim.ca/ Tim Cooper
    Author

    Here is a modified version that uses a single XML file:

    http://techietim.ca/files/xml_user_system_singlefile.zip

  • http://monofonicos.net fugazi

    thank you so much for this amazing tutorial :)

  • Valuediz

    One of the most useful tutorial on Nettuts!

  • ericb

    man this tut is awesome! good job! tim! ei, jeffrey more on xml tutorials please!

  • Merxhan

    Great Tutorial, good explanation, very useful.

    Thank you

  • http://windesignwrold.com monaye

    Great tut!!
    You didn’t mention anything about security, and wondering how secure is this?
    just like the sql injection, is there xml injection??
    I am sure there should be prevention for the session jack.

    Anywhere great tut, and good for you that you’re still high school student. when i was high school…

  • http://techietim.ca/ Tim Cooper
    Author

    @monaye: You can add more security if you desire. There’s only so much I can explain in 30 minutes ;)
    As for injection, I just realised I should have ran htmlentities on the user input. Without it, the user can insert their own XML nodes and cause problems.

    So please, htmlentities user input!

  • http://marislabs.org Rashaud Teague

    Hmm… you can also use SQLite if you don’t want to use a large platform like MySQL, Oracle, MS SQL, or PostgresSQL

    That way you don’t have to stray to far from using SQL code…

    http://sqlite.org

  • http://www.jorgebucaran.com Jorge Bucaran

    Love fast paced tutorials like this one.

  • http://titel.ro Constantin TOVISI

    Interesting idea to be using XML for storage of the login information, though I think I’ll stick to mySQL for the momment.

    Nice tutorial anyways, and I’m looking forward to more of this screencasts.

  • yassir

    xml -> IO problems , unsafe !! if someone knows the username he can get the password even with the md5 !
    and you can’t do roles easly or profile …

    i ll stick to ms sql ! even with small projects

  • dev

    tht’s the second good thing to come out of nova scotia in recent times,

    1. The lovely Ellen Page
    2. Talented Tim Cooper

    ;-)

    nice tutorial

  • yassir

    @Tim Cooper — what if two users want to login at the same time ? or what if your file is getting large ?

  • http://www.benblogged.com Ben Blogged

    Great Tut… thanks

  • http://ramaboo.com/ David Singer

    When will people stop using MD5. It was broken years ago. Might as well just use plain text if your going to use unsalted MD5′s.

    p.s There is a label tag.

  • http://www.alessiopiazza.it Pix

    well this is a great introduction to xml function in php
    but i think would be better check if an email already exists instead of checking the username

    by the way nice job

  • http://eneza.wordpress.com Eneza

    nicely done!!! Good Job

  • sx

    better password method, stored different locations.

    $user_salt=sha1(microtime());
    $salt=”slfjlfljsdlfjsl;fjlsdfj;asdfj”;
    $password=”passwordsample”;
    md5($salt. $user_salt . $password);

  • Clemens

    I’m not enirely sure about this, but shouldn’t you use === and !== to compare strings? Otherwise, you could cheat it with 0. If Strings are compared to Ints, they are converted to the first number, or 0 instead.

    Test this:
    < ?php
    $string = “password or name or anything”;
    $string2 = “password or name or anything”;
    $int = 0;
    if($string === $int) echo “I cheated ;-)”;
    else echo “I failed to cheat :-(“;
    echo “”;
    if($string === $string2) echo “Strings equal”;
    else echo “Strings not equal”;
    ?>

  • Clemens

    I want to add that this states that I failed to cheat, whereas a comparison with == instead of === would allow me to cheat.

  • Reader

    Shouldn’t you verify the user’s password instead of username? If this was made into something with an admin area, all youd have to do is edit the cookie to say ‘admin’

  • http://www.rizqtech.net rizq

    Good Post !!!

  • Pingback: Inspiring Design Links for Creatives for 2009-02-12 | This Inspires Me

Newer Comments