Php login script help

Website Building
#1

hi…Everyone
These day i’m trying to create login page i’m using these code but not sucess because after entering username and password it is directed on my index page no doubt i’m entering correct username and password please help!!!
config.inc

<?php

$hostname = 'XXXXXX';        // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname   = 'xxxx'; // Your database name.
$username = 'rxxxx';             // Your database username.
$password = 'xxxx';                 // Your database password. If your database has no password, leave it empty.

// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
// Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');

?>

indexpage.(index.php)

<?php

// Inialize session
session_start();

// Check, if user is already login, then jump to secured page
if (isset($_SESSION['username'])) {
header('Location: securedpage.php');
}

?>
<html>

<head>
<title>PHPMySimpleLogin 0.3</title>
</head>

<body>

<h3>User Login</h3>

<table border="0">
<form method="POST" action="loginproc.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"></td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"></td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td><td><input type="submit" value="Login"></td></tr>
</form>
</table>

</body>

</html>

loginproc.php

<?php

// Inialize session
session_start();

// Include database connection settings
include('config.inc');

// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT * FROM user WHERE (username = '" . mysql_real_escape_string($_POST['username']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");

// Check username and password match
if (mysql_num_rows($login) == 1) {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location: securedpage.php');
}
else {
// Jump to login page
header('Location: index.php');
}

?>

logout.php

<?php

// Inialize session
session_start();

// Delete certain session
unset($_SESSION['username']);
// Delete all session variables
// session_destroy();

// Jump to login page
header('Location: index.php');

?>

securedpage.php

<?php

// Inialize session
session_start();

// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username'])) {
header('Location: index.php');
}

?>
<html>

<head>
<title>Secured Page</title>
</head>

<body>

<p>This is secured page with session: <b><?php echo $_SESSION['username']; ?></b>
<br>You can put your restricted information here.</p>
<p><a href="logout.php">Logout</a></p>

</body>

</html>
#2

I am very very new about PHP so i cant help you this time but i am also interested to know how to creat a website. So which site is best to learn it. car donation I am really love to learn it and i alread got admited in a office and they are offering me a good course about PHP.

#3

Google For it

[3 minutes later]

Shitt!!! No one here to help me…

#4

I had the same issue with a login script that worked on my local machine, but not when uploaded. This was because my local machine was not configured the same as 000webhsot, so I added the following lines into the “.htaccess” file in my website’s root directory, and issue was resolved.

php_flag session.use_trans_sid off
php_flag session.use_cookies on
php_flag session.use_only_cookies on
php_flag session.auto_start on
php_flag session.cookie_lifetime off
php_flag session.cookie_path /
php_flag session.cache_limiter nocache
php_flag session.cache_expire 180

I used the only use cookies option so that google does not get an ugly PHPSESSID=8324jk3kj4khjh2jk34h234k at the end of my pages and gives my webiste low ranking.

Depending on your local server’s configuration you will want to duplicate it in the .htaccess file. Feel free to modify the suggestion above, add or remove as need be. Hope it helps.

Regards,
Juan Thomas Alvarez

#5

Please try the following code:


<?php 
// Inialize session 
session_start(); 

// Include database connection settings 
include('config.inc'); 

$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$password = md5($password);

// Retrieve username and password from database according to user's input 
$login = mysql_query("SELECT * FROM user WHERE username = '$username' and password = '$password'");

// Check username and password match 
if (mysql_num_rows($login) == 1) { 
// Set username session variable 
$_SESSION['username'] = $_POST['username']; 
// Jump to secured page 
header('Location: securedpage.php'); 
} 
else { 
// Jump to login page 
header('Location: index.php'); 
} 
?>