Im pretty new to PHP and am stuck on how to use sessions to check a username and password against a database.
I have a PHP file call createuser.php which allows me to add users to a database with a username and password from a html textbox. I have another file called viewuser.php which lets me type in a username and password and see if that user/password exists in the database.
How could I add sessions to checkuser which only lets the user use that file if the username and login is correct and is in the database.
Belor if my checkuser.php file.
<?php
$username = $_POST['username'];
$password = $_POST['password'];
$db= new PDO('sqlite:test2.db');
$query = "SELECT * from login WHERE username = '$username' AND password = '$password' ";
$results = $db->Query($query)->fetchAll();
foreach ($results as $arow) {
print 'username: ' . $arow['username'] . ' password: ' . $arow['password'].'<br>';
}
$rowcount = count($results);
print "number of rows $rowcount <br>" ;
if ( $rowcount > 0 ){
print " details matched atleast once <br>";
}else{
print " details did not match <br>";
}
?>
<form action='' method=post>
Username <input type='text' name='username' /> <br>
Password <input type='text' name='password' /> <br>
<input type='submit' value='Submit' />
</form>
Here is how
....
$rowcount = mysql_num_rows($results);
if ( $rowcount > 0 )
{
session_start();
$_SESSION['user'] = $arow['username'];
print " details matched atleast once <br>";
}
else
{
print " details did not match <br>";
}
?>
...
And in every other page
<?php
session_start();
if(!isset($_SESSION['user']))
//redirect to login
else
//logged in
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.