Home/ Questions/Q 8057753
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T09:08:15+00:00

I’ve created a login-form. How can I make so that when a user logs

  • 0

I’ve created a login-form. How can I make so that when a user logs in he/she redirects to a page where it displays his/her name? I’ve walked through many tutorials on how to do this, but nothing was pretty good…

main_login.php:

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

login_success.php:

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:http://main_login.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>

checklogin.php:

<?php

$host="host"; // Host name 
$username="username"; // Mysql username 
$password="password"; // Mysql password 
$db_name="database"; // Database name 
$tbl_name="table"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This example should help you a bit, but I recommend using mysqli and its a really bad idea to store your passwords in plain text. You should consider looking up mysqli, hashing passwords, and start familiarizing yourself with php 5.4 since many of the functions used here HAVE changed and are no longer supported.

    checklogin.php

    <?php

$host="host"; // Host name 
$username="username"; // Mysql username 
$password="password"; // Mysql password 
$db_name="database"; // Database name 
$tbl_name="table"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// Remove Magic Quotes
if (get_magic_quotes_gpc()){
  $myusername = stripslashes($myusername);
  $mypassword = stripslashes($mypassword);
}
$sql = sprintf(
  "SELECT * FROM $tbl_name WHERE username='%s' and password='%s' LIMIT 1;",
  mysql_real_escape_string($myusername),
  mysql_real_escape_string($mypassword)
);
$result = mysql_query($sql);

// MySQL count
$count = mysql_num_rows($result);

if ($count){
  $_SESSION['username'] = $myusername; // $_SESSION['loggedin'] = true or false would work too
  $_SESSION['mypassword'] = $mypassword; // Why store the password in session data?
  header("Location: login_success.php");
}else{
  header("Location: main_login.php?msg=Login_Failed");
}
?>

    login_success.php

    <?php
session_start();
if (!isset($_SESSION['username']) || empty($_SESSION['username']){
  header("Location: mail_login.php");
}

?>
<html>
<body>
Welcome <?php echo $_SESSION['username']; ?>
Login Successful
</body>
</html>

    main_login.php

    <?php
if (isset($_GET['msg']) && !empty($_GET['msg']) echo $_GET['msg'];
?>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

    Use at your own risk. 🙂

    • 0