First thing in a web app (or any other private application) is provide a login to the system. Users need to enter a correct username and a password in order to login. User and login details are stored in the database "users" table. Every user has a unique auto generated id (given by the users table primary key) and we use it to create and set a session for users.
Users MySQL Table
User_ID is the primary key of the table and it is set to auto increment field. User privileges are stored as a text (array) and we use search string PHP function to check for selected values in the form.
Source code of Login page (index.php)
<?php include("inc/page_header.php"); ?> <div class="wrapper"> <div class="login"> <div class="boxtitle">System Login</div> <?php /* ++++++++++++++++ PHP START ++++++++++++++++++++++++++ */ if(isset($_POST['submit'])){ $username = $_POST['username']; $password = $_POST['password']; // form validation if($username == '' || $password == ''){ $error = 'Please enter username and password!'; }else{ // check username in the database $q = mysql_query("SELECT * FROM users WHERE User_Name = '$username'"); if(mysql_num_rows($q) > 0){ $r = mysql_fetch_assoc($q); $db_password = $r['User_Password']; if($db_password === $password){ // login success $_SESSION['login'] = $r['User_ID']; $_SESSION['user'] = $r['User_Name']; header("Location: sys_home.php"); ob_end_flush(); }else{ // password error $error = 'Incorrect Password!'; } }else{ // username not found $error = 'Incorrect Username!'; } } // error handling if(isset($error)){ echo "<div class='errordiv'>{$error}</div>"; } } /* ++++++++++++++++ PHP END ++++++++++++++++++++++++++++ */ ?> <form action="index.php" method="post"> <table> <tr><td width="70px">Username:</td><td><input type="text" size="30" name="username" id="username"></td></tr> <tr><td>Password:</td><td><input type="password" size="30" name="password" id="password"></td></tr> <tr><td> </td><td><input class="btn" type="submit" name="submit" value="Login"></td></tr> </table> </form> <script type="text/javascript"> document.getElementById("username").focus(); </script> </div> </div> <?php include("inc/page_footer.php"); ?>
Comments
Post a Comment