CodingForums.com - View Single Post

Redcoder · 01-07-2013, 12:52 PM

Have a session_start() at the top of the login page too - and in general every page where you'll ever need to get, manipulate or destroy session variables - and asign $username to $)SESSION['myusername'].

PHP Code:


			
<?php

session_start();

$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="realestate"; // Database name
$tbl_name="registration"; // Table name

// Connect to server and select databse.
$db=mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name", $db)or die("cannot select DB");

// username and password sent from form
global $myusername;
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql= ("SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'");
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
header("location:../login/adproperties success.php");
}
else {
header("refresh: 1; URL=../login/adproperties fail.php");
}

?>

01-07-2013, 12:52 PM	PM User \| #2
Redcoder Regular Coder Join Date: May 2012 Location: /dev/couch Posts: 309 Thanks: 2 Thanked 46 Times in 45 Posts	Have a session_start() at the top of the login page too - and in general every page where you'll ever need to get, manipulate or destroy session variables - and asign $username to $)SESSION['myusername']. PHP Code: <?php session_start(); $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="realestate"; // Database name $tbl_name="registration"; // Table name // Connect to server and select databse. $db=mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name", $db)or die("cannot select DB"); // username and password sent from form global $myusername; $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql= ("SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"); $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; header("location:../login/adproperties success.php"); } else { header("refresh: 1; URL=../login/adproperties fail.php"); } ?> __________________ For professional Hosting and Web design..... NetEssentials.co.uk