YA: Simple Login Processing 20130513042043AAQO7yN

1. <?php
2. // In response to http://answers.yahoo.com/question/index?qid=20130513042043AAQO7yN
3.  
4.  
5. // Variables
6. $html_header;
7. $message;
8. $user = (isset( $_POST['user'] ))? trim( $_POST['user'] ) : '';
9. $pass = (isset( $_POST['password'] ))? trim( $_POST['password'] ) : '';
10.  
11.  
12. // Check First For POST, no need to use a connection before needed.
13.  
14. if( strlen($user) > 0 && strlen($pass) > 0){
15.     // Database Connection ( You should be at least be using MySQLi )
16.     $conn = mysql_connect( 'localhost', 'username', 'passowrd' );
17.     if( !$conn ){ // Check For Connection
18.         if( !mysql_select_db( 'twa051', $conn ) ){
19.             $message = 'Cannot Select MySQL Database.<br /> Reason: ' . mysql_error($conn);
20.         }
21.     }else{
22.         $message = 'Cannot Connect To MySQL.<br /> Reason: ' . mysql_error($conn);
23.     }
24.    
25.     // If there's no message, then there's no problems
26.     if( is_null($message) ){
27.         // MySQL injection protection (look into PDO)
28.         $user = mysql_real_escape_string( $user );
29.         $pass = mysql_real_escape_string( $pass );
30.        
31.         // I'm using 'id' but substitute for whatevery key column you're using
32.         $query = "SELECT id FROM school_info WHERE username='{$user}' AND password='{$pass}' LIMIT 1";
33.        
34.         $results = mysql_query( $query );
35.        
36.         if( !$results ){
37.             $message = 'Malformed Query Statement, Or , Internal Error.<b' . 'r />' . mysql_error( $conn );
38.         }else if( mysql_num_rows( $results ) === 1){ // If it returns a row, then the username and password match.
39.             $html_header = '<meta http-equiv="refresh" content="0;URL=home.php">';
40.             header('Location: home.php');
41.         }else{
42.             $message = 'Incorrect Username/Password combo.';
43.         }
44.     }
45. }else if( $_SERVER[ 'REQUEST_METHOD' ] === 'POST'){
46.     $message = 'Please Enter Both Username and Password.';
47. }else{
48.     $message = 'Please Enter Username and Password.';
49. }
50. ?><!DOCTYPE html>
51. <html>
52.     <head>
53.         <title> Form </title>
54.         <link rel="Stylesheet" type="text/css" href="form.css" />
55.         <?php if( !is_null($html_header) ){ echo $html_header;} ?>
56.     </head>
57.     <body>
58.         <p>
59.             <a href="home2.html" >Back to homepage </a>
60.         </p>
61.         <img src="logo.png" width="150" height="80" alt="Logo" />
62.         <br />
63.         <br />
64.         <br />
65.         <br />
66.         <p>
67.             <?php echo $message; ?>
68.         </p>
69.         <p style="border: 1px solid #333;">
70.             <form method="post" action="login.php">
71.                 <label>
72.                     Username:
73.                 </label>
74.                 <input type="text" name="user" />
75.                 <br />
76.                 <label>
77.                     Password:
78.                 </label>
79.                 <input type="password" name="password"/>
80.                 <br />
81.                 <input type="submit" value="Login" />
82.                 <input type="reset" value="Reset" />
83.             </form>    
84.         </p>
85.     </body>
86. </html>