|
|||
|
|
|||
|
|
Making a login form using PHPThis is in continuation of the tutorial on making a membership based web site. Please see the previous page PHP registration form for more details.
In order to identify a user as authorized, we are going to check the database for his combination of username/password, and if a correct combination was entered, we set a session variable. Then, on top of pages we want to protect, we check for the variable. If user is authorized, we show him the protected content, otherwise we direct him to the login form.
if ($_SESSION['authorized'] != true) {
Now create a simple login form (in a file called login_form.php), and let's make it post to login.php file.
<form method="POST" action="login.php">
In the login.php file, include the database connection string again. Now that we connected to the database, let's check if the user entered correct data. Again, we have our data available in the $_POST array.
$select_user = mysql_query('select * from users where username = "' . $_POST['username'] . '" and password = "' . md5($_POST['password'] . '"'));
What we do is run a query on the database and select a row with the correct username and password, if it exists. Please notice that we must compare the value for the password from the database with the MD5 encrypted value of the password entered by the user. If the query returns a result, we set the "authorized" session variable, and then redirect to the protected content {in our example protected_content.php). If there are no rows with the entered data, we just redirect the user to the login form again.
Related pages
|
| Copyright © 2008 html-form-guide.com . All rights reserved. | ||||