Hi. I'm a newbie to php and have created a login form that does not use an sql database. After inputing all the code I've tested it in IE and it doesn't work properly. If I leave the username and password blank but hit the submit button, it takes me to the page that is suppose to be restricted to those who put in the correct username and password. Even if I put in the wrong username and password, it takes me to the restricted page. I can't figure out if i've left out something or if I should just give up and go with using the sql database. Below is my code. Please help.
Thanks

<?php
?>
$username = "admin";
$password = "adminpass";
if(isset($_post['user'])&&isset($_post['password']))
{
if($username == $_post['user'] && $password == $_post['password'])
{
?>
<form name="form" action="membersonly-content.html" method="post">
<?php
}
else
{
die("your login information was incorrect");
}
}
else
?>
<h1>Login</h1>
<label for="txtusername">Username:</label>
<input type="text" title="enter your username" name="textusername"/> </p>
<label for="txtpassword">Password:</label>
<input type="password" title="enter your password" name="txtpassword"/> </p>
<input type="submit" name="submit" value="login"/></p>
</form>
<?php
}
else {
?>
</php>

accha tell me u have done the whole coding in one page only....in the same page u have post the form and there u r accessing the value .....
1) first make the login page with form and post , post it to some php page
2) in the php page then access the value of the textboxes(login name and password) from the php page and do the necessary query.

3) make the button as button type only not submit type and on clicking the button write one function in javascript which will check the field checking like empty or characters....there in the function use one FLAG which will prevent the page when there is some validation problem from submission......

reply me with all the details.

Thanks for the reply. I understand number 3 and will work on that, and i have already saved my login page as a php. Number 2 though is a little confusing. What are you talking about in number 2? How do you do a query if you are NOT using the sql database?

sorry, i have taken that point by mistake, since you are not using any database then you dont need toh follow the instruction in line 2. you can simply follow number 3.
but in case of login page why dont u use a database, because if you are not using any databases how the login name and password values are verified?

please give me the update regularly

thanks

This article has been dead for over six months. Start a new discussion instead.