Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- the login script:
- <?php
- $host="localhost"; // Host name
- $username=""; // Mysql username
- $password=""; // Mysql password
- $db_name=""; // Database name
- $tbl_name="members"; // Table name
- // Connect to server and select databse.
- mysql_connect("$host", "$username", "$password")or die("cannot connect");
- mysql_select_db("$db_name")or die("cannot select DB");
- // username and password sent from form
- $myusername=$_POST['myusername'];
- $mypassword=$_POST['mypassword'];
- // To protect MySQL injection (more detail about MySQL injection)
- $myusername = stripslashes($myusername);
- $mypassword = stripslashes($mypassword);
- $myusername = mysql_real_escape_string($myusername);
- $mypassword = mysql_real_escape_string($mypassword);
- $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
- $result=mysql_query($sql);
- // Mysql_num_row is counting table row
- $count=mysql_num_rows($result);
- // If result matched $myusername and $mypassword, table row must be 1 row
- if($count){
- session_start();
- session_regenerate_id();
- $_SESSION['SESS_USERNAME'] = $myusername;
- $_SESSION['SESS_PASSWORD'] = $mypassword;
- session_write_close();
- header("location: login_success.php");
- }
- else
- {
- echo"<html>
- <head>
- <link href='styles.css' rel='stylesheet' type='text/css'/>
- </head>
- <body>
- <div id='main'>
- <div id='header'>
- </div>
- <div id='contentWrapper'>
- <div id='leftBox'>
- <div id='leftBoxContent'>
- <div id='lightBox'>
- </div>
- </div>
- </div>
- <div id='rightBox'>
- </div>
- <div id='content'>
- <p>Wrong Username or Bad Password.</p>
- <p><a href='./index.php'>Click Here</a> to try again.</p>
- </div>
- <br class='clearFloat'/>
- </div>
- <div id='footer'></div>
- </div>
- </body>
- </html>";
- }
- ?>
- check login script:
- <?php
- session_start();
- if(!isset($_SESSION['SESS_USERNAME']) || !isset($_SESSION['SESS_PASSWORD']) || (trim($_SESSION['SESS_USERNAME']) == '')) {
- //someone's not logged in
- header("location: index.php"); //it's suppose to actually be there
- exit();
- }
- ?>
- and whats on top of every page:
- <?php
- require_once("checklogin.php");
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement