Login Example with validation
you can use minimum validation shown validation is more then enough
<?php
$usernameError="";
$passwordError="";
$loginError="";
if(isset($_POST['login'])){
$username=$_POST['username'];
$password=$_POST['password'];
if(empty($username)){
$username="Username is required";
}else if(empty($password)){
$username="password is required";
}
else{
$username=filter_input($username);
$password=filter_input($password);
$con=mysql_connect("localhost","root","");
if(!$con){
echo "Unable To connect Database. ";
die();
}
mysql_select_db("dbname");
$result=mysql_query("select * from users where username='{$username}'");
if(mysql_num_rows($result)==0){
$loginError="User do not exist.";
}else{
$row=mysql_fetch_array($result);
if($row['password'] == md5($password)){
$_SESSION['userLogged']=TRUE;
$_SESSION['loggedUsername']=$row['username'];
header("Location: homepage.php");
exit();
}
else{
$loginError="You have Entered Wrong password";
}
}
}
}
function filter_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<html>
<head><title>Login </title></head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="POST">
Username:<input type="text" name="username">
<span style="color:red"><?php echo $usernameError;?></span>
<br>
Password: <input type="password" name="password">
<span style="color:red"><?php echo $passwordError;?></span>
<br>
<input type="submit" name="login" value="submit">
<br>
<span style="color:red"><?php echo $loginError;?></span>
</form>
</body>
</html>
<?php
$usernameError="";
$passwordError="";
$loginError="";
if(isset($_POST['login'])){
$username=$_POST['username'];
$password=$_POST['password'];
if(empty($username)){
$username="Username is required";
}else if(empty($password)){
$username="password is required";
}
else{
$username=filter_input($username);
$password=filter_input($password);
$con=mysql_connect("localhost","root","");
if(!$con){
echo "Unable To connect Database. ";
die();
}
mysql_select_db("dbname");
$result=mysql_query("select * from users where username='{$username}'");
if(mysql_num_rows($result)==0){
$loginError="User do not exist.";
}else{
$row=mysql_fetch_array($result);
if($row['password'] == md5($password)){
$_SESSION['userLogged']=TRUE;
$_SESSION['loggedUsername']=$row['username'];
header("Location: homepage.php");
exit();
}
else{
$loginError="You have Entered Wrong password";
}
}
}
}
function filter_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<html>
<head><title>Login </title></head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="POST">
Username:<input type="text" name="username">
<span style="color:red"><?php echo $usernameError;?></span>
<br>
Password: <input type="password" name="password">
<span style="color:red"><?php echo $passwordError;?></span>
<br>
<input type="submit" name="login" value="submit">
<br>
<span style="color:red"><?php echo $loginError;?></span>
</form>
</body>
</html>
Comments
Post a Comment