0

I have been trying to find a simple name and password tutorial that works and is easy to follow. Not having much luck.
The name and password will be in a text file or mysql database which the user will be given, i do not need forgot password or email address etc. ( I can add later if need be)
I want members to log-in which will then give them a form to fill in and send. (About 5 members so not a lot)
PHP5 and MySql 5 and apache installed and hopefully working correctly this end.
I have managed to make a form and use php to extract and send the form data to an e-mail address with a thank-you going to the actual persons e-mail address on the form they filled in so I am hoping this will be quite easy to do.
Take it slowly with me as still green at coding all this.

3
Contributors
2
Replies
3
Views
9 Years
Discussion Span
Last Post by PomonaGrange
0

Hopefully this should get you started. I've commented the code to make understanding easier, let me know if you've any questions; I'm here to help!

<?php
session_start();

if (isset($_POST['submit'])) {
  // Connect to the database or die.
  $connection = mysql_connect("DB-ADDRESS", "USERNAME", "PASSWORD");
  if (!$connection) { die("The Database connection failed. " . "<br />" . mysql_error()); }
  
  // Select the table within the database or die.
  $database_select = mysql_select_db("TABLENAME", $connection);
  if (!$database_select) { die("The Database selection failed. " . "<br />" . mysql_error()); }

  // Get the POST variables.
  $myusername = $_POST['myusername'];
  $mypassword = $_POST['mypassword'];

  // To protect MySQL injection, we stripslashes and use mysql_real_escape_string.
  $myusername = stripslashes($myusername);
  $mypassword = stripslashes($mypassword);
  $myusername = mysql_real_escape_string($myusername);
  $mypassword = mysql_real_escape_string($mypassword);

  // Run a query to bring back the users' record from the database.
  $result = mysql_query("SELECT * FROM TABLENAME WHERE username = '$myusername' AND password = '$mypassword' LIMIT 1", $connection);

  // If the query is not set meaning it failed, then die.
  if (!$result) { die("The Database query failed. " . "<br />" . mysql_error()); }

  // If it successfully returned one row...
  if (mysql_num_rows($result) == 1) {
    // Bind the returned results to an array.
    $row = mysql_fetch_array($result);

    // Register $_SESSION variables and redirect to "success.php".
	$_SESSION["myusername"] = $myusername;
	$_SESSION["firstname"] = $firstname;

    // Redirect the person to the new page.
    header("location:success.php");
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PHP: Login</title>
</head>

<body>
<form name="loginForm" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
  <label for="myusername">Username</label> <br />
  <input name="myusername" id="myusername" type="text" /> <br /> <br />
  <label for="mypassword">Password</label> <br />
  <input name="mypassword" id="mypassword" type="text" /> <br /> <br />
  <input name="submit" id="submit" type="submit" value="Login" />
</form>
</body>
</html>
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.