i have a table named loginuser
its field names are
1.usrid
2.fname
3.lname
4.usrname
5.pass
6.conf pass
My main_login .php code is as follows
CODE
<html>
<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="check_login.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Login Name</td>
<td width="6">:</td>
<td width="294"><input name="loginname" type="text" id="loginname"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</body>
</html>
my check_login.php looks like this
CODE
<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$userpassword=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="loginuser"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$userpassword")or die("Cannot connect to the Data Base");
mysql_select_db("$db_name")or die("Cannot select DB");
// username and password sent from form
$loginname=$_POST['loginname'];
$password=$_POST['password'];
$enpassword=md5($password);
// To protect MySQL injection
$loginname = stripslashes($loginname);
$password = stripslashes($password);
$loginname = mysql_real_escape_string($loginname);
$password = mysql_real_escape_string($password);
//echo "$loginname";
//echo "$password";
//$sql="SELECT * FROM $tbl_name WHERE usrname ='$username' and pass='$pass'";
//$result=mysql_query($sql)or die(mysql_error());
$sql="SELECT usrid FROM loginuser WHERE usrname = '$username' AND pass ='$enpassword';";
$result=mysql_query($sql)or die(mysql_error());
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
//while ($row = mysql_fetch_array($result)) {
//$count=mysql_num_rows($result);
// $username = $row["username"];
//echo "$username";
//}
//echo "$count";
// If result matched $loginname and $password, table row must be 1 row
if($count==1){
// Register $loginname, $password and redirect to file "login_success.php"
session_register("txtLoginName");
session_register("txtPassWord");
header("location:./menu.php");
}
else {
echo "Wrong Username or Password";
}
?>
in the menu.php i have to display different screens to admin and users how could i do it??
24 Jul, 2008 - 09:31 AM
| 