index.php

1. <?php
2.     session_start();
3.  
4.     if(isset($_POST['submit'])) {
5.         $dbCon = mysqli_connect("localhost", "root", "-------", "Login");
6.  
7.         $username = $_POST['name'];
8.         $password = $_POST['password'];
9.  
10.         $sql = "SELECT id, username, password FROM users WHERE username = '$username' AND active = '1'";
11.  
12.         $query = mysqli_query($dbCon, $sql);
13.         if($query) {
14.             $row = mysqli_fetch_row($query);
15.             $userId = $row[0];
16.             $dbUsername = $row[1];
17.             $dbPassword = $row[2];
18.         }
19.  
20.         if($username == $dbUsername && $password == $dbPassword) {
21.                 $_SESSION['username'] = $username;
22.                 $_SESSION['id'] = $userId;
23.                 header('Location: page.php');
24.             } else {
25.                 $error = "Incorrect Username/Password!";
26.         }
27.     }
28. ?>
29.  
30. <!DOCTYPE html>
31. <html>
32. <head>
33.  
34.     <!-- Title -->
35.     <title> Login </title>
36.  
37.     <!-- Google Font -->
38.     <link href="https://fonts.googleapis.com/css?family=PT+Sans+Caption" rel="stylesheet">
39.  
40.     <!-- CSS -->
41.     <link rel="stylesheet" href="css/main.css">
42.  
43. </head>
44. <body>
45.  
46.     <form method="POST" action="index.php">
47.         <div id="loginContainer">
48.             <h2>LOGIN</h2>
49.             <input type="text" placeholder="USERNAME" name="name" />
50.             <input type="password" placeholder="PASSWORD" name="password" />
51.  
52.             <div id="error"><?php echo $error; ?></div>
53.  
54.             <input type="submit" name="submit" value="LOGIN" />
55.         </div>
56.     </form>
57.    
58.     <h3>username = username<br />password = password</h3>
59.  
60. </body>
61. </html>