Here's my Work so far:
Login.php
Code: Select all
<?php
include ("cn.php");
if (isset($_POST['submit'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$select="select * from users where username='$username' and password='$password'";
$rs_cat=mysql_query($select);
$row=mysql_fetch_array($rs_cat);
$username=$row['username'];
$password=$row['password'];
if ($username==$row['username']) {
if ($password==$row['password']) {
$_SESSION['username']="$_POST[username]";
$_SESSION['password']="$_POST[password]";
header("location:Welcome.php?user=$_SESSION[username]&sessid=$sessid");
}
}
else {
header("location:Not_Logged.php");
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>LOGIN</title>
</head>
<body>
<table align="center">
<form name="login" action="" method="post">
<tr>
<td>
<th scope="col"><strong>LOGIN</strong></th>
</td>
</tr>
<tr>
<td>
USERNAME
<th scope="col"><input name="username" type="text" /></th>
</td>
</tr>
<tr>
<td>
PASSWORD
<th scope="col"><input name="password" type="password" /></th>
</td>
</tr>
<tr>
<td>
<th scope="col"><input name="submit" type="submit" value="LOGON" /></th>
</td>
</tr>
</form>
</table>
</body>
</html>
Code: Select all
<?php
include("cn.php");
//$username=$_GET['username'];
if (!@$_SESSION['username']){
header("location:Not_Logged.php"); }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Welcomee</title>
</head>
<body>
Welcome <?php echo ("$_SESSION[username]");?>
<p><li><?php echo ("<a href='Logout.php?user=$_SESSION[username]&sessid=$sessid'>Logout</a>");?></li>
<li><?php echo ("<a href='update.php?user=$_SESSION[username]&sessid=$sessid'>Update</a>");?></li>
</body>
</html>
Code: Select all
<?php
include("cn.php");
//$username=$_GET['username'];
if (!@$_SESSION['username']){
header("location:Not_Logged.php");
}
$oldname = $_SESSION['username'];
$select="select * from users where username='$_SESSION[username]'";
$rs_cat=mysql_query($select);
$row=mysql_fetch_array($rs_cat);
$id=$row['id'];
$old_user_name = $row['username'];
$old_password = $row['password'];
if (isset($_POST['update'])) {
$update=$_GET['update'];}
else {$update=0;}
if ($update = "1") {
$username=$_POST['username'];
$password=$_POST['password'];
$update="UPDATE users SET username='$username', password='$password' where username = '$_SESSION[username]'";
$ur=mysql_query($update) or die (mysql_error());
}
//}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>UPDATE</title>
</head>
<body>
<?php //echo $_SESSION['username'];?>
<table align="center" >
<form name="login" action="" method="post"/>
<tr>
<td>
<th scope="col"><strong>UPDATE</strong></th>
</td>
</tr>
<tr>
<td>
USERNAME
<th scope="col"><input name="username" type="text" value="<?php echo ("$row[username]");?>"/></th>
</td>
</tr>
<tr>
<td>
PASSWORD
<th scope="col"><input name="password" type="password" value="<?php echo ("$row[password]");?>" /></th>
</td>
</tr>
<tr>
<td>
<th scope="col"><input name="update" type="submit" value="UPDATE" /></th>
</td>
</tr>
<tr>
<td>
<th scope="col"><input name="id" type="hidden" value="<?php echo $row[id];?>" /></th>
</td>
</form>
</table>
</body>
</html>
Code: Select all
<?php
include ("cn.php");
if (isset($_POST['submit'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$select="select * from users where username='$username' and password='$password'";
$rs_cat=mysql_query($select);
$row=mysql_fetch_array($rs_cat);
$username=$row['username'];
$password=$row['password'];
if ($username==$row['username']) {
if ($password==$row['password']) {
$_SESSION[username]="$username";
$_SESSION[password]="$password";
header("location:Welcome.php?user=$_SESSION[username]&sessid=$sessid");
}
}
else {
header("location:Not_Logged.php");
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Not_Logged</title>
<style type="text/css">
<!--
body,td,th {
color: #F00;
}
-->
</style></head>
<body>
<table align="center">
<form name="login" action="" method="post">
<tr>
<td>
<th scope="col"><strong>INVALID LOGIN</strong></th>
</td>
</tr>
<tr>
<td>
USERNAME
<th scope="col"><input name="username" type="text" /></th>
</td>
</tr>
<tr>
<td>
PASSWORD
<th scope="col"><input name="password" type="password" /></th>
</td>
</tr>
<tr>
<td>
<th scope="col"><input name="submit" type="submit" value="LOGON" /></th>
</td>
</tr>
</form>
</table>
</body>
</html>
Code: Select all
<?php
session_start();
$sessid=md5(uniqid(rand()));
$host="localhost";
$user="root";
$password="";
$db="test";
$con=mysql_connect("$host","$user","","$db");
$select=mysql_select_db($db);
if (!@$con) {
echo ("Con Failed").mysql_error();
}
//else
//echo "Full Connection Established...Nice Work";
//else echo ("Connected and Db selected..Nice Work");
?>
-- phpMyAdmin SQL Dump
-- version 3.2.4
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Sep 10, 2010 at 04:51 PM
-- Server version: 5.1.41
-- PHP Version: 5.3.1
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
--
-- Database: `test`
--
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE IF NOT EXISTS `users` (
`id` int(233) NOT NULL AUTO_INCREMENT,
`username` varchar(233) DEFAULT NULL,
`password` varchar(233) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
--
-- Dumping data for table `users`
--
INSERT INTO `users` (`id`, `username`, `password`) VALUES
(1, '', '');
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
Please could some1 point out where I'm actually missing the point here?