PHP Mysqli login form - Help
Posted: Sat Feb 15, 2014 9:37 am
Hi I am trying to build a login form for my website but the code is keep giving me error I have made them bold:
<?php
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
//connect to database
$con=mysqli_connect("localhost","root","","") or die();
//execute query
$query ="SELECT Username, Password from `useraccount` where Username= '$_POST[Username]'and Password='$_POST[Password]'";
$result= \mysqli_query($query);
while($row = mysqli_fetch_array($result))
{
if($_POST['Username']==$row['Username'] && $_POST['Password']==$row['Password'])
{
header("Location:account.php");
}
else
{
echo "You got credentials wrong";
}
}
}
?>
Also is it correct if I put the code below in the account.php?
<?php
session_start();
echo "Welcome ". $_SESSION['username'];
?>
<?php
session_destroy();
header("Location:login.php");
?>
<?php
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
//connect to database
$con=mysqli_connect("localhost","root","","") or die();
//execute query
$query ="SELECT Username, Password from `useraccount` where Username= '$_POST[Username]'and Password='$_POST[Password]'";
$result= \mysqli_query($query);
while($row = mysqli_fetch_array($result))
{
if($_POST['Username']==$row['Username'] && $_POST['Password']==$row['Password'])
{
header("Location:account.php");
}
else
{
echo "You got credentials wrong";
}
}
}
?>
Also is it correct if I put the code below in the account.php?
<?php
session_start();
echo "Welcome ". $_SESSION['username'];
?>
<?php
session_destroy();
header("Location:login.php");
?>