Code: Select all
<!DOCTYPE html>
<html>
<title>Log In </title>
<div id="container" style="width:500px">
<div id="header" style="background-color:#C0C0C0;">
<h1> Log In </h1>
<form>
<b>UserName:</b> <input type="text" id="usn" name="username"> <br>
<b>Password:</b> <input type="password" id="pwd" name="pass"> <br>
<input TYPE="BUTTON" VALUE="Login"> <br>
<a href="http://localhost/test/complete_form/registration2.html" target="_blank">User Registration </a> <br> <a href="file:///C:/wamp/www/test/form2.html" target="_blank">Forgot Password </a> <br><a href="file:///C:/wamp/www/test/form4.html" target="_blank">Change Password </a>
</form>
<?php
session_start();
if(isset($_POST["Login"])) {
header("location: member2.php");
exit();
}
?>
<?php
if(isset($_POST['username']) && isset($_POST['pass']))
{
$USN = $_POST['username'];
$PWD = $_POST['pass'];
$myServer = "xxxxxx";
$myUser = "xx";
$myPass = "xxxx";
$myDB = "tab";
$conn = new COM ("ADODB.Connection")
or die("Cannot start ADO");
$connStr = "PROVIDER=SQL Server Native Client 11.0 ;SERVER=".$myServer.";UID=".$myUser.";PWD=".$myPass.";DATABASE=".$myDB;
$conn->open($connStr);
$query = "SELECT count(userID) FROM [tab].[dbo].[register1] WHERE username='" . $USN . "' AND pass ='" . $PWD . "'" ; // query the person
// ------- MAKE SURE PERSON EXISTS IN DATABASE ---------
$rs = $conn->execute($query);
$num_columns = $rs->Fields->Count();
for ($i=0; $i < $num_columns; $i++) {
$fld[$i] = $rs->Fields($i);
}
while (!$rs->EOF) //looping through the recordset, until end of file.
{
for ($i=0; $i < $num_columns; $i++)
{
if ($i == 0)
{
$existCount = "$fld[$i]" ;
}
}
$rs->MoveNext(); //move on to the next record
///close the connection and recordset objects freeing up resources
}
$rs->Close();
if ($existCount == 1)
{
$_SESSION['USN'] = $USN;
$_SESSION['PWD'] = $PWD;
//print $USN;
header("location: member2.php");
exit();
}
else
{
echo 'That information is incorrect, try again <a href="login2.html">Click Here</a>';
exit();
}
}
?>
</html>member2.php looks like this
Code: Select all
<?php
if(!isset($_SESSION["username"]))
{
header("Location: login2.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Welcome </title>
</head>
<body>
<h2> This is your login page, welcome <?=$_SESSION['username'];?>!
<p> See your welcome page </p>
</body>
</html>