In this tutorial, we create 3 php files for testing our code.
1. index.php
2. logincheck.php
3. success.php
4 Steps to create login page
1. Create table "userlist" in database "demo".
2. Create file index.php.
3. Create file logincheck.php.
4. Create file success.php.
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form" method="post" action="logincheck.php">
<td>
<table width="100%" border="0" cellpadding="2" cellspacing="2" bgcolor="#000">
<tr>
<td colspan="3"><strong>Login Page</strong></td>
</tr>
<tr>
<td width="78">Userid / Email id</td>
<td width="6">:</td>
<td width="294"><input name="txtusername" type="text" id="txtusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="txtpassword" type="text" id="txtpassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
CREATE TABLE `userlist` (
`id` int(4) NOT NULL auto_increment,
`username` varchar(65) NOT NULL default '',
`password` varchar(65) NOT NULL default '',
PRIMARY KEY (`id`)
) TYPE=MyISAM AUTO_INCREMENT=2 ;
INSERT INTO `userlist` VALUES (1, 'admin', 'admin123');
$host="localhost"; // Host name
$username=""; // username
$password=""; // password
$dbname="demo"; // Database name
$tblname="userlist"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$dbname")or die("cannot select DB");
// username and password sent from form
$txtusername=$_POST['txtusername'];
$txtusername=$_POST['txtpassword'];
// To protect MySQL injection (more detail about MySQL injection)
$txtusername= stripslashes($txtusername);
$txtusername= stripslashes($txtusername);
$txtusername= mysql_real_escape_string($txtusername);
$txtusername= mysql_real_escape_string($txtusername);
$sql="SELECT * FROM $tblname WHERE username='$txtusername' and password='$txtusername'";
$result=mysql_query($sql);
// Counting table row
$row=mysql_num_rows($result);
// If matched $txtusernameand $txtusername, table row must be 1 row
if($row==1){
// Register redirect to file "success.php"
session("txtusername");
session("txtusername");
header("location:success.php");
}
else {
echo "Invalid Username or Password";
}
?>
<?php
session_start();
if(!session_is_registered(txtusername)){
header("location:index.php");
}
?>
<html>
<body>
Login Successful
</body>
</html>
1. index.php
2. logincheck.php
3. success.php
4 Steps to create login page
1. Create table "userlist" in database "demo".
2. Create file index.php.
3. Create file logincheck.php.
4. Create file success.php.
Create file index.php.
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form" method="post" action="logincheck.php">
<td>
<table width="100%" border="0" cellpadding="2" cellspacing="2" bgcolor="#000">
<tr>
<td colspan="3"><strong>Login Page</strong></td>
</tr>
<tr>
<td width="78">Userid / Email id</td>
<td width="6">:</td>
<td width="294"><input name="txtusername" type="text" id="txtusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="txtpassword" type="text" id="txtpassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
Creating database with table and data
CREATE TABLE `userlist` (
`id` int(4) NOT NULL auto_increment,
`username` varchar(65) NOT NULL default '',
`password` varchar(65) NOT NULL default '',
PRIMARY KEY (`id`)
) TYPE=MyISAM AUTO_INCREMENT=2 ;
INSERT INTO `userlist` VALUES (1, 'admin', 'admin123');
Create logincheck.php page
<?php$host="localhost"; // Host name
$username=""; // username
$password=""; // password
$dbname="demo"; // Database name
$tblname="userlist"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$dbname")or die("cannot select DB");
// username and password sent from form
$txtusername=$_POST['txtusername'];
$txtusername=$_POST['txtpassword'];
// To protect MySQL injection (more detail about MySQL injection)
$txtusername= stripslashes($txtusername);
$txtusername= stripslashes($txtusername);
$txtusername= mysql_real_escape_string($txtusername);
$txtusername= mysql_real_escape_string($txtusername);
$sql="SELECT * FROM $tblname WHERE username='$txtusername' and password='$txtusername'";
$result=mysql_query($sql);
// Counting table row
$row=mysql_num_rows($result);
// If matched $txtusernameand $txtusername, table row must be 1 row
if($row==1){
// Register redirect to file "success.php"
session("txtusername");
session("txtusername");
header("location:success.php");
}
else {
echo "Invalid Username or Password";
}
?>
Create Success Page
<?php
session_start();
if(!session_is_registered(txtusername)){
header("location:index.php");
}
?>
<html>
<body>
Login Successful
</body>
</html>
No comments:
Post a Comment