rnlogin.php

With users now able to sign up to the site, Example 20-8, rnlogin.php, provides the code needed to let them log in. Like the sign-up page, it features a simple HTML form and some basic error checking, as well as using sanitizeString before querying the MySQL database.

The main thing to note here is that, upon successful verification of the username and password, the session variables 'user' and 'pass' are given the username and password values. As long as the current session remains active these variables will be accessible by all the programs in the project, allowing them to automatically provide access to logged-in users.

You may be interested in the use of the die function upon successfully logging in. This is used because it combines an echo and an exit command in one, thus saving a line of code.

When you call this program up in your browser, it should look like Figure 20-3. Note how the <input...> type of password has been used here to mask the password with asterisks to prevent it from being viewed by anyone looking over the user’s shoulder.

The login page
Figure 20-3. The login page
Example 20-8. rnlogin.php
<?php // rnlogin.php include_once 'rnheader.php'; echo "<h3>Member Log in</h3>"; $error = $user = $pass = ""; if (isset($_POST['user'])) { $user = sanitizeString($_POST['user']); $pass = sanitizeString($_POST['pass']); if ($user == "" || $pass == "") { $error = "Not all fields were ...

Get Learning PHP, MySQL, and JavaScript now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.