main_login.php<table width="294" border="0" align="center" cellpadding="0" c

1. main_login.php
2.  
3. <table width="294" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#FFFFFF" bordercolor="#FFFFFF">
4. <tr>
5. <form name="form1" method="post" action="index.php?id=checklogin">
6. <td>
7. <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC" bordercolor="#66FF33">
8. <tr>
9. <td colspan="3"><center><strong>Geckoville Login</strong></center></td>
10. </tr>
11. <tr>
12. <td width="78"><div align=right>Username: </align></td>
13. <td width="294"><input name="myusername" type="text" id="myusername"></td>
14. </tr>
15. <tr>
16. <td><div align=right>Password: </align></td>
17. <td><input name="mypassword" type="password" id="mypassword"></td>
18. </tr>
19. <tr>
20. <td colspan="3"><center><input type="submit" name="Submit" value="Login"></center></td>
21. </tr>
22. </table>
23. </td>
24. </form>
25. </tr>
26. </table>
27.  
28. checklogin.php
29.  
30. <?php
31. session_start();
32. require("db.php");
33. $myusername=$_POST['myusername'];
34. $mypassword=$_POST['mypassword'];
35.  
36. // To protect MySQL injection (more detail about MySQL injection)
37. $myusername = stripslashes($myusername);
38. $mypassword = stripslashes($mypassword);
39. $myusername = mysql_real_escape_string($myusername);
40. $mypassword = mysql_real_escape_string($mypassword);
41. $mypassword = md5($mypassword);
42.  
43. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
44. $result=mysql_query($sql);
45.  
46. // Mysql_num_row is counting table row
47. $count=mysql_num_rows($result);
48. // If result matched $myusername and $mypassword, table row must be 1 row
49.  
50. if($count==1){
51. $id = mysql_query("SELECT id FROM $tbl_name WHERE username='$myusername'");
52. while($row = mysql_fetch_row($id))
53. {
54. $_SESSION['id'] = $row[0];
55. }
56. // Register $myusername, $mypassword and redirect to file "login_success.php"
57. session_register("myusername");
58. session_register("mypassword");
59. header("location:index.php?id=login_success");
60. }
61. else {
62. echo "Wrong Username or Password";
63. }
64. ?>
65.  
66.  login_success.php
67.  
68. <?
69. include('loginonly.php');
70. if(!session_is_registered(myusername)) {
71. header("location:index.php?id=main_login");
72. }
73. ?>
74.  
75. Login Successful!
76.  
77. loginonly.php
78.  
79. <?php
80. session_start();
81. if($_SESSION['id'] == 0);
82. {
83. header('Location: index.php?id=main_login');
84. }
85. ?>