<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.or

1. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2. <html xmlns="http://www.w3.org/1999/xhtml">
3. <head>
4. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5. <title>Basic UCP</title>
6. //here you can add your design (Remove this line)
7. <form action='login.php' method='POST'>
8. <input type="text" name="username" value='<?php echo $username?>'/>
9. <input type="password" name="password"/>
10. <input type='submit' name="submit" value='Login' />
11. </form>
12. </head>
13. </html>
14. <?php
15.  
16. include("config.php"); //including our config.php where is connecting to mysql...
17. session_start(); //starting session for profile.php (Dunno how to explain better) look little down
18. error_reporting(0); //without this we will always get some stupid notice that variable isn't defined....
19.  
20. $submit = $_POST['submit']; //variable for submit button, in this variable we save button that player press in <input type='submit' name="submit" value='Login' />....
21. $username = sanitize($_POST['username']); //variable for username, in this variable we save text that user type in <input type="text" name="username"....
22. $password = sanitize($_POST['password']); //variable for password, in this variable we save text that user type in <input type="password" name="password"....
23.  
24. if($submit) //if he press submit button
25. {
26. if($username && $password) //if he type both of username and password not just one of them
27. {
28. $query = mysql_query("SELECT username, password FROM users WHERE username = '$username'"); //selecting user name and password, change it to your field names, chage users to your table name, $username means username that he type...
29. if(mysql_num_rows($query) == 1) //if user exists
30. {
31. while($row = mysql_fetch_assoc($query)) //loop thought table that we select in mysql_query
32. {
33. $dbusername = $row['username']; //setting dbusername as variable from table, change 'username' to your field!
34. $dbpassword = $row['password']; //setting dbpassword as variable from table, change 'password' to your field!
35. }
36. if($username == $dbusername && $password == $dbpassword) //if username is same as one from table and if password is the same as one from table...
37. {
38. $_SESSION['username'] = $dbusername; //setting session username to one from table, this is useful if you login, that restart your browser and than you go in url where is your profile.php... Anyway this is useful :D
39. echo header('location: profile.php'); //redirecting user to his profile page (profile.php)
40. }
41. else echo "Wrong password!"; //else if user type wrong password he will get this...
42. }
43. else echo "Username doesn't exist!"; //if username doesn't exist in table user will get this
44. }
45. else echo "Type name and password!"; //else if user doesn't type all fields he will get this...
46. }
47.  
48. ?>