Please Help Me With This Sign In Code

<?php
// Login Routine and Logout Routine
//
// VARS:
// $user
// $password
// zcommon.php for std set of vars and message text

// Include common variables and message text
// include 'zcommon.php';
// Normally these would come from an include file. Since this is
// an example, we'll just put them here:
// db login parameters
$dbhost = "YOURHOSTHERE";
$dbuser = "YOURUSERHERE";
$dbpassword = "YOURPASSHERE";
$db = "YOURDBHERE";
$sysadminemail = "sjohnson@fuzzygroup.com";

switch ($action) {
case login:
process_login();
die();
case logout:
//null out cookies at start of login routine
// note on using cookies.
// MUST BE SET before ANY http output.
// They TRAVEL in the http HEADER so have to go first.
setcookie ("ck_username", "");
setcookie("ck_password", "");
setcookie("ck_user_id", "");
die();
}

function process_login() {
global $dbhost;
global $dbuser;
global $dbpassword;
global $db;

// define homepage and text variables
global $homepage;
global $homedir;
global $sysadminemail;
global $userstable;

//form vars
global $username;
global $password;

// Connecting, selecting database
$link = mysql_connect("$dbhost", "$dbuser", "$dbpassword")
or die("Could not connect");

mysql_select_db("$db")
or die("Could not select database");

//Check that the user exists in the db and if not, create an
// error page
$query = "SELECT user_id FROM imsaver_users WHERE "
. "username='$username'";
$result = mysql_query($query)
or die("Query failed at userid retrieval stage.");

//Logic concept: if the user_id doesn't exist, an empty string
// or "" will be returned with the $user_id call below.
// We can test this to see if the user has entered the username
// correctly
$num_rows = mysql_num_rows($result);
$row = mysql_fetch_array($result);
$user_id = $row[0];

//very important for user friendliness -- tell them
// what the login error was -- incorrect
// username or incorrect password
// first test -- did the username exist
if ($user_id == "") {
print "<HTML>";
print "<HEAD>";
print "<TITLE>";
print "Incorrect username";
print "</TITLE>";
print "<BODY>";
print "<CENTER>";
print "<B><CENTER>We're sorry but the username that you";
print "entered doesn't seem to exist in our database.<BR>";
print "Perhaps you entered it in error. Press the back button ";
print "to try again.";
}
else {
//this means that there was 1 result from the query so that
// username exists in the database

//now have to verify password. Basically same code.

$query = "SELECT password "
. " FROM imsaver_users "
. " WHERE username='$username'";

$result = mysql_query($query)
or die("Query failed at userid retrieval stage.");

//Encrypt the password the user entered since our
// database stores it in encrypted fashion and we need to
// compare it this way
$encryptedpassword = md5($password);

$row = mysql_fetch_array($result);

//grab the password from the row array, 0th element
// since only 1 column selected
// have to use a variable $passwordfromdb so we don't
// overwrite our $password variable from the form var
$passwordfromdb = $row[0];

if ($encryptedpassword == $passwordfromdb) {
//set our cookies for our future security checks
setcookie ("ck_username", $username);
setcookie("ck_password", $password);
setcookie("ck_user_id", $user_id);

// Create our results page showing them they are logged in
print "<HTML>";
print "<HEAD>";
print "<TITLE>";
print "You're Logged In!";
print "</TITLE>";
print "<BODY>";
print "You're Logged In";
//This needs to have a link added of course
//If you wanted to automatically take them to the main screen
// then use the header function to redirect them
print "Click Here to Continue";
print "</BODY>";
print "</HTML>";

//close the database
// Closing connection
mysql_close($link);
}
else {
//passwords didn't match so make an error page
print "<HTML>";
print "<HEAD>";
print "<TITLE>";
print "Incorrect password";
print "</TITLE>";
print "<BODY>";
print "<CENTER>";
print "<B><CENTER>We're sorry but the password that you entered";
print "doesn't match with the one in our database.<BR>";
print "Press the back button to try again.";
print "</CENTER>";
print "</BODY>";
print "</HTML>";

// Closing connection
mysql_close($link);
}
}
}

?>

PLEASE HELP ME WITH THIS CODE. each time i try to use it, firstly, it doesn't mask the user name and id, and secondly, it gives me a blank page. this is the form i'm suppose to use with it.


<form name=registration action="logme.php" method="get">
Username:
<input name="username" type="text" width="10"><BR>
Password:
<input name="password" type="password" width="10"><BR>
<INPUT TYPE=SUBMIT VALUE="Log In">
</form>

this is the sign up code. some things like 'user id' and stuff doesn't seem to match at all.


<?
// User Sign Up PHP Script
//
// This script validates information, saves it to the database
// displays it to them
// and sends it to them via email
//
// vars:
// $signupusername
// $signuppassword
// $signuppasswordverify
// $signupemailaddress
//
// Note have to use signup* vars initially to make it
// clear to ourselves that
// we're dealing with signupotherwise

// Include common variables and message text
// include 'zcommon.php';
// Normally these would come from an include file. Since this is
// an example, we'll just put them here:
// db login parameters

$dbhost = "YOURHOSTHERE";
$dbuser = "YOURUSERHERE";
$dbpassword = "YOURPASSHERE";
$db = "YOURDBHERE";
$sysadminemail = "sjohnson@fuzzygroup.com";


// null out cookies if new user
// null out cookies at start of sign in routine
// all cookies begin with "ck_" to indicate that they are a cookie
// helps troubleshoot mysterious cookie errors
// note on using cookies.
// MUST BE SET before ANY http output.
// They TRAVEL in the http HEADER so have to go first.
setcookie ("ck_user", "");
setcookie ("ck_password", "");
setcookie ("ck_user_id", "");

// 0th check that passwords match
if($signuppassword!=$signuppasswordverify) {
create_error_page_passwordsnotmatch();
}
else {
// their passwords match so enter next validation stage
// first test that their username isn't already in use

// Connecting, selecting database
$link = mysql_connect("$dbhost", "$dbuser", "$dbpassword")
or die("Could not connect");
// select the database
mysql_select_db("$db")
or die("Could not select database");
// try and select the username that the user entered to see if
// it is already in the db
$query = "SELECT username "
. " FROM users "
. " WHERE username='$signupusername'";

$result = mysql_query($query)
or die("Query failed at username unique testing stage.");

// logic -- if the num_rows is 1 then the username is already
// in use and they have to choose another
$num_rows = mysql_num_rows($result);
// don't need to get it -- its the same as what we already have

// num_rows can't ever be >= to 1 since unique constraint
// on the column of data
if ($num_rows == 1) {
create_error_page_usernameinuse();
}
else {
// NOTE -- Depending on how you want to define
// a valid password (5 chars, 6 chars
// plus a number, etc), that would go here

//Capture the ipaddress and call MD5
$ipaddress = getenv ("REMOTE_ADDR");
$encryptedpassword = md5($signuppassword);

//try and add them to the database
$query = "INSERT INTO users "
. " ( username, password, date, ipaddress ) "
. " VALUES ('$signupusername','$encryptedpassword', "
. " NOW(), '$ipaddress')";

//execute the query
$result = mysql_query($query)
or die("Query failed at user insertion stage.");

//now query the db back for the user_id variable
$query = "SELECT user_id "
. " FROM users "
. " WHERE username='$signupusername'";

// get the result
$result = mysql_query($query)
or die("Query failed at userid retrieval stage.");

//get the user_id from the result
$num_rows = mysql_num_rows($result);
$row = mysql_fetch_array($result);
$user_id = $row[0];

// send the cookies now. MUST BE FIRST THING OUTPUT
setcookie ("ck_username", "$signupusername");
setcookie ("ck_password", "$signuppassword");
setcookie ("ck_user_id", "$user_id");

//Define the $title variable for the page title
$title = "Thanks for Signing Up!";

//Set up the page header
PrintPageHeader("$title");

//Print out the body of the page
// Note that some basic html formatting is used
// here to make it look better

print "<TABLE WIDTH=728 BGCOLOR=WHITE><TR><TD>";
print "<H1>Thank You...</H1>";
print "<HR>";
print "<CENTER>Thanks for playing! ";
print "Seriously, we appreciate your signing";
print "up.</CENTER><BR><BR>";
print "Here is the information that you entered:";
print "<UL>";
print "<LI>Username: $signupusername</LI>";
print "<LI>Password: $signuppassword</LI>";
print "<LI>Email Address: $emailaddress</LI>";
print "</UL>";
print "<BR>We have also emailed this to the email ";
print "address you gave us.<BR>";
print "</TD>";
print "</TR>";
print "<TABLE>";

//Usually you want to add a link to your
// application's home page here.
// Left as an exercise for the reader.

//handle sending out the email if we got an email address!
if ($emailaddress != "") {
// compose the email
$to = $emailaddress;
$subject = "Your IMSaver Account";
$message = "Hi there, "
. "Your account has been created and is ready for use."
. ""
. ""
. "Your username is: $signupusername"
. "Your password is: $signuppassword"
. ""
. "Thanks for signing up for YOURNAMEHERE."
. "http://YOURURLHERE/"
. ""
. "YOURNAMEHERE";
// send the email
mail($to, $subject, $message, "From: YOU@YOU.COM", "YOU@YOU.COM");
}

//Set up the footer of the page
PrintPageFooter("");
}
}

// start of functions

function PrintPageHeader ($title) {
print "<HTML>";
print "<HEAD>";
print "<TITLE>";
print "$title";
print "</TITLE>";
print "</HEAD>";
print "<BODY>";
}

function PrintPageFooter ($title) {
print "</BODY>";
print "</HTML>";
}


function create_error_page_passwordsnotmatch() {
//Define the $title variable for the page title
$title = "We're Sorry But You're Passwords Don't Match!";

//Set up the page header
PrintPageHeader("$title");

print "<TABLE WIDTH=728 BGCOLOR=WHITE><TR><TD>";
print "<H1>We're Sorry...</H1>";
print "<HR>";
print "<BR>";
print "We're sorry but You didn't enter matching passwords. ";
print "&nbsp;Please make sure that you enter your password ";
print "in the Password field and the Verify Password fields ";
print "and that both are the same.<BR><BR>";
print "Please press the back button and make sure that the ";
print "passwords match.";

// close container table
print "</TD></TR></TABLE>";

//Set up the footer of the page
PrintPageFooter("");
}


function create_error_page_usernameinuse() {
//Define the $title variable for the page title
$title = "We're Sorry But that Username is Already in Use...";

//Set up the page header
PrintPageHeader("$title");

print "<TABLE WIDTH=728 BGCOLOR=WHITE><TR><TD>";

print "<H1>We're Sorry...</H1>";
print "<HR>";
print "<BR>You entered a Username that another person is using";
print "<BR>Press Back to try again.";
// close container table
print "</TD></TR></TABLE>";

//Set up the footer of the page
PrintPageFooter("");
}

?>

this is the table


create table users (
user_id INT NOT NULL PRIMARY KEY AUTO_INCREMENT,
username CHAR(30) NOT NULL UNIQUE,
password CHAR(40) NOT NULL,
email char(75),
hintquestion CHAR(50),
hintanswer CHAR(50),
date DATETIME

is that a script from a tutorial site? if so, where?

http://www.phpbeginner.com/columns/scott/authentication/1


i got the sign up to work. seems it was missing a field, but i need a code that checks to make sure that all pages that are 'member' pages, have been logged in.