hi, does anyone know a secure way to login to another page with username and password. i found numerous on google but i don't know which one is good. if anyone has any good source codes please help.

What do you mean another page?

It would help if you learned some PHP yourself so you could tell which ones are "good" or not. Most of them use a basic structure of storing login info in session variables, but more advanced ones will use database features to log user activity and/or provide protection against session fixation, etc.

hi..... dont worry ..... i give some codings with form. if you worked with that codings you got some idea....

<?
//include "include/session.php";

$dbservertype='mysql';
$servername='';

$dbusername='';
$dbpassword='';

$dbname='';

$link=mysql_connect ("$servername","$dbusername","");
if(!$link){die("Could not connect to MySQL");}
mysql_select_db("$dbname",$link) or die ("could not open db".mysql_error());

$userid=$_REQUEST['username'];

$password=$_REQUEST['password'];

if($rec=mysql_fetch_array(mysql_query("SELECT * FROM table WHERE username='$userid' AND password = '$password'"))){

if(($rec['username']==$userid)&&($rec['password']==$password)){

include "include/newsession.php";
print "";
}
}

?>

username


password

This is a very minimal login script, but it should work.
This:

if(($rec['username']==$userid)&&($rec['password']==$password)){

is a strange way of checking a result; if there is a result, of course username is going to be equal to $userid.
Better done by (in my opinion):

if($rec && mysql_num_rows($rec) == 1){

Set session variables on login, and then on "members only" pages, check to see if the variable exists. If not, deny access.

In short:

<?php

if(empty($_SESSION['username'])) {
	echo "Please login.";
	}
	else {
		echo "You are logged in as: " . $_SESSION['username'];
		//members only content...
		//members only content...
	}
?>

wrote this really quick for yah hope this helps. hope i didnt make any errors

<?php
session_start();
function make_safe($string){
return mysql_real_escape_string(trim($string));
}

//check to see if they pressed the button
if(isset($_POST['submit'])){

//get input data
$username = make_safe($_POST['username']);
$password = make_safe($_POST['password']);

//check to see if the fields are filled in
if(!empty($username) && !empty($password)){

//look for a match in the database 
$search = mysql_query("SELECT * FROM table_name WHERE 
username='$username' AND password = '$password'");

//the number of matches is = $found
$found = mysql_num_rows($search);

//comparing the matches and taking the correct action
if($found > 1){

echo "we have more than one member with that name";

}elseif($found == 1){

//$result is only one so it logs the person in with those credentials

$row = mysql_fetch_array($search);

$_SESSION['user'] = $row['user'];

echo "Logged in";

}elseif($found < 1){

echo "Nobody with these credentials exists";

}else{

echo "please fill in the blanks";

}

}

?>

This is a very minimal login script, but it should work. This:

if(($rec['username']==$userid)&&($rec['password']==$password)){

is a strange way of checking a result; if there is a result, of course username is going to be equal to $userid. Better done by (in my opinion):

if($rec && mysql_num_rows($rec) == 1){

For small and CAPITAL letters in PassWord we need to check Password. No need to check username though. username is not case sensitive, but Password is. Thanks.