Login

The login process consists of storing the retrieved values in the session. The login query checks that the active field has a NULL value, which indicates that the user has activated his/her account.

<?php

// Login page: shared start-up code runs first, then the request is dispatched.
include ('start.php');
// Base URL that every redirect is built from.
// NOTE(review): the scheme here is plain http, so the post-login redirect built from it
// is not sent over TLS.
define ('BASE_URL', 'http://voyager.deanza.edu/~hso/php/lecture/php23/');
$url = BASE_URL . 'index.php';

// No "submit" field in the POST data means the form has not been sent yet:
// show it for the first time. Otherwise handle the submission.
if (!isset($_POST['submit'])) {
	display_form();
}
else {
	process_form();
}

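/**
 * Print the login form, posting back to the current script.
 *
 * Both fields are rendered empty. The markup must never carry a pre-filled
 * e-mail address or password: anything placed in a value attribute is sent to
 * every visitor and ends up in page source, caches and saved copies.
 */
function display_form() {
	// SCRIPT_NAME comes from the server, but it lands inside an HTML attribute, so escape it.
	$action = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
	echo <<<HTML
	<h2>Login</h2>
	<p>Your browser must allow cookies to login.</p>
	<form action="$action" method="post">
	Email Address:
	<input type="text" name="email" size="40" maxlength="40" />
	<br />
	Password:
	<input type="password" name="password" size="20" maxlength="20" />
	<br />
	<input type="submit" name="submit" value="Login" />
	</form>
HTML;
}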

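/**
 * Handle a submitted login form.
 *
 * Reads the e-mail address and password from $_POST, looks for exactly one
 * activated account (active IS NULL) with that e-mail and password hash,
 * and on success stores the row (user_id, first_name, user_level) in the
 * session and redirects to the site index. On any failure a message is
 * printed and the form is shown again.
 *
 * Relies on names defined outside this function: BASE_URL, TABLE_NAME,
 * display_form(), and whatever db_connect.php sets up (it is expected to
 * leave the connection handle in $link, which is closed below).
 */
function process_form() {

	// Read only the two expected fields, and only when they are plain strings.
	// A request can send email[]=... to turn a field into an array, which trim() cannot handle.
	$email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
	$password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';

	// Compare against '' rather than using empty(), which would reject the value "0".
	if ($email === '') {
		echo '<p>You forgot to enter your email address!</p>';
	}
	if ($password === '') {
		echo '<p>You forgot to enter your password!</p>';
	}

	if ($email === '' || $password === '') {
		// incorrect login
		echo "<p>Incorrect login. Please try again.</p>";
		display_form();
		return;
	}

	// Connect before escaping: mysql_real_escape_string() needs an open connection
	// to know the character set it is escaping for.
	include ('db_connect.php');

	echo "<p>Start logging in...</p>";

	$e = mysql_real_escape_string($email);

	// Hash the submitted password itself. Writing SHA1('$p') with single quotes hashes the
	// literal text "$p", so every password produces the same digest and the password check
	// no longer distinguishes one password from another.
	// NOTE(review): the digest must be computed exactly as the registration page computes it;
	// confirm that page hashes the raw trimmed password too.
	// NOTE(review): unsalted SHA-1 is a fast hash and a poor fit for password storage.
	// password_hash()/password_verify() is the replacement, but it needs the registration
	// page and the pass column changed together with this query.
	$newp = sha1($password);

	// NOTE(review): the mysql_* extension has no prepared statements; a port to mysqli or PDO
	// with bound parameters would also have to change db_connect.php.
	$r = false;
	if ($e !== false) {
		$query = "SELECT user_id, first_name, user_level FROM " . TABLE_NAME . " WHERE (email='$e' AND pass='$newp') AND active IS NULL";
		$r = mysql_query($query);
	}

	if ($r === false) {
		// Report the failure without the query text: it contains the e-mail address and the
		// password digest, and error output may be shown to the visitor.
		trigger_error('Login query failed: ' . mysql_error());
		echo "<p>The login could not be processed. Please try again later.</p>";
		display_form();
		return;
	}

	if (mysql_num_rows($r) === 1) {
		// found the user: fetch the row with associative keys
		// (user_id, first_name, user_level)
		$row = mysql_fetch_array($r, MYSQL_ASSOC);
		// free all memory associated with the result
		mysql_free_result($r);
		// close the connection
		mysql_close($link);

		// Issue a fresh session id at the privilege change so an id that was known
		// before login is not carried into the authenticated session.
		if (session_id() !== '') {
			session_regenerate_id(true);
		}
		// Replace the whole session with the user's row.
		$_SESSION = $row;

		// delete the buffer so the redirect header can still be sent
		ob_end_clean();
		// Build the target from the constant: the global $url is not visible inside a function.
		header('Location: ' . BASE_URL . 'index.php');
		// quit
		exit();
	}

	// not found
	mysql_free_result($r);
	echo "<p>Either the email and password entered do not match or you have not yet activated your account.</p>";
	display_form();
}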

?>

© 2008: Hann So
email: hso@voyager.deanza.edu