O'Reilly logo

Learning PHP, MySQL, and JavaScript by Robin Nixon

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

rnlogin.php

With users now able to sign up to the site, Example 20-8, rnlogin.php, provides the code needed to let them log in. Like the sign-up page, it features a simple HTML form and some basic error checking, as well as using sanitizeString before querying the MySQL database.

The main thing to note here is that, upon successful verification of the username and password, the session variables 'user' and 'pass' are given the username and password values. As long as the current session remains active these variables will be accessible by all the programs in the project, allowing them to automatically provide access to logged-in users.

You may be interested in the use of the die function upon successfully logging in. This is used because it combines an echo and an exit command in one, thus saving a line of code.

When you call this program up in your browser, it should look like Figure 20-3. Note how the <input...> type of password has been used here to mask the password with asterisks to prevent it from being viewed by anyone looking over the user’s shoulder.

The login page
Figure 20-3. The login page
Example 20-8. rnlogin.php
<?php // rnlogin.php include_once 'rnheader.php'; echo "<h3>Member Log in</h3>"; $error = $user = $pass = ""; if (isset($_POST['user'])) { $user = sanitizeString($_POST['user']); $pass = sanitizeString($_POST['pass']); if ($user == "" || $pass == "") { $error = "Not all fields were ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required