Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- main_login.php
- <table width="294" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#FFFFFF" bordercolor="#FFFFFF">
- <tr>
- <form name="form1" method="post" action="index.php?id=checklogin">
- <td>
- <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC" bordercolor="#66FF33">
- <tr>
- <td colspan="3"><center><strong>Geckoville Login</strong></center></td>
- </tr>
- <tr>
- <td width="78"><div align=right>Username: </align></td>
- <td width="294"><input name="myusername" type="text" id="myusername"></td>
- </tr>
- <tr>
- <td><div align=right>Password: </align></td>
- <td><input name="mypassword" type="password" id="mypassword"></td>
- </tr>
- <tr>
- <td colspan="3"><center><input type="submit" name="Submit" value="Login"></center></td>
- </tr>
- </table>
- </td>
- </form>
- </tr>
- </table>
- checklogin.php
- <?php
- session_start();
- require("db.php");
- $myusername=$_POST['myusername'];
- $mypassword=$_POST['mypassword'];
- // To protect MySQL injection (more detail about MySQL injection)
- $myusername = stripslashes($myusername);
- $mypassword = stripslashes($mypassword);
- $myusername = mysql_real_escape_string($myusername);
- $mypassword = mysql_real_escape_string($mypassword);
- $mypassword = md5($mypassword);
- $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
- $result=mysql_query($sql);
- // Mysql_num_row is counting table row
- $count=mysql_num_rows($result);
- // If result matched $myusername and $mypassword, table row must be 1 row
- if($count==1){
- $id = mysql_query("SELECT id FROM $tbl_name WHERE username='$myusername'");
- while($row = mysql_fetch_row($id))
- {
- $_SESSION['id'] = $row[0];
- }
- // Register $myusername, $mypassword and redirect to file "login_success.php"
- session_register("myusername");
- session_register("mypassword");
- header("location:index.php?id=login_success");
- }
- else {
- echo "Wrong Username or Password";
- }
- ?>
- login_success.php
- <?
- include('loginonly.php');
- if(!session_is_registered(myusername)) {
- header("location:index.php?id=main_login");
- }
- ?>
- Login Successful!
- loginonly.php
- <?php
- session_start();
- if($_SESSION['id'] == 0);
- {
- header('Location: index.php?id=main_login');
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement