hi all

what is the best possible way i can create a members view page (profile page) I am doing ths assignment where i have to create two pages, one is a members view page and a members edit page.

the members view page page(profile page is like when u sign up with a website and when u login, your profile page is what you can see. ths members view page(profile page) is where also will display the user personal information which will be stored in the database.


the member edit page will display a populated xhtml form with the user information and to which they should be able to edit their information which will not be the same as re-entering data.

will this codes that I have is enough to give me the required results. This is just the beginning as i have now started it.


        $dbhost = "localhost"; 
        $dbname = "database"; 
        $dbuser = "username"; 
        $dbpass = "password";

        mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());//this function connects the script to the db server
        mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());//this function chooses which database to use with the script


        mysql_connect($db_host, $db_username, $db_password) or die("MySQL Error: " . mysql_error());
        mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());

if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']))

     <h1>Member Area</h1>

     <p'Welcome!!!!!! firstname lastname, you are now a member of theCaribbean Culinary Institue Network (CCIN), Your monthly newsletter will be emailed to."Thanks for logging in! You are <code><?=$_SESSION['Username']?></code> and your email address is <code><?=$_SESSION['EmailAddress']?></code>.</p>

elseif(!empty($_POST['username']) && !empty($_POST['password']))
    $username = mysql_real_escape_string($_POST['username']);
    $password = md5(mysql_real_escape_string($_POST['password']));

    $checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'");

    if(mysql_num_rows($checklogin) == 1)
        $row = mysql_fetch_array($checklogin);
        $email = $row['EmailAddress'];

        $_SESSION['Username'] = $username;
        $_SESSION['EmailAddress'] = $email;
        $_SESSION['LoggedIn'] = 1;

        echo "<h1>Success</h1>";
        echo "<p>We are now redirecting you to the member area.</p>";
        echo "<meta http-equiv='refresh' content='=2;index.php' />";
        echo "<h1>Error</h1>";
        echo "<p>Sorry, your account could not be found. Please <a href=\"index.php\">click here to try again</a>.</p>";

   <h1>Member Login</h1>

   <p>Thanks for visiting! Please either login below, or <a href="register.php">click here to register</a>.</p>

    <form method="post" action="index.php" name="loginform" id="loginform">
        <label for="username">Username:</label><input type="text" name="username" id="username" /><br />
        <label for="password">Password:</label><input type="password" name="password" id="password" /><br />
        <input type="submit" name="login" id="login" value="Login" />

5 Months
Discussion Span
Last Post by rproffitt

sorry about that but beside the password thingy, is that the best way or is it not, having ah hard time figuring this thing out inno.


@divinity02. "Best" is achieved by stating what is best. The above fails one of the criteria of user login systems on a very basic item. Since you are asking for best but didn't detail what best is, I think you have changed your question from your first post to something else.

It's an assignment so for this round you are under the gun to get anything that works. My view is that if this is what is being taught today then you see the genesis of why we see so many data breaches today. Folk are being taught an incorrect system and unlearning is harding than learning.

Votes + Comments
First achieve sufficiency and then ask about “best”
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.