Need help connecting my database to PHP

Question

I am trying to connect my database to my PHP code using this code:

<html>

    <head>
    <title>Landing page</title>
    <link rel="stylesheet" type="text/css" href="css.css">
    </head>
    <body>

    <?php

    // Check if username and password are correct
    if ($_POST["username"] == "logintest" && $_POST["password"] == "access123!") {

    // If correct, we set the session to YES
      session_start();
      $_SESSION["logged_in"] = "YES";
      echo "<h1>You are now logged in</h1>";
      echo "<p><a href='secure1.php'>Link to protected file</a></p>";
      echo "<p><a href='secure2.php'>Link to protected file #2</a></p>";

    }
    else {

    // If not correct, we set the session to NO
      session_start();
      $_SESSION["logged_in"] = "NO";
      echo "<h1>You are NOT logged in </h1>";
      echo "<p><a href='secure1.php'>Link to protected file</a></p>";
      echo "<p><a href='secure2.php'>Link to protected file #2</a></p>";

    }

    ?>
    <p><a href="public.html">Public Page</a></p>
    <p><a href="logout.html">Logout</a></p>
    </body>
    </html>

Instead of using the inline username and password, I would like to use the databases username and password from a specific table. I just cant get it to work for some reason, and I am finding it really hard. It would be great if anyone could help.

Answer 1

Note:

• You have to establish first a connection to your database. Replace the necessary data inside the connection
• I used mysqli_* prepared statement rather than deprecated mysql_*
• Replace your if ($_POST["username"] == "logintest" && $_POST["password"] == "access123!") { with if($checklog > 0 ){

/* ESTABLISH FIRST YOUR CONNECTION TO YOUR DATABASE */
$con = new mysqli("host", "User", "Password", "Database"); /* REPLACE NECESSARY DATA */

if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

if($stmt = $con->prepare("SELECT Username, Password FROM user_login WHERE Username = ? AND Password = ?")){
  $stmt->bind_param("ss",$_POST["username"],$_POST["password"]);
  $stmt->execute();
  $stmt->store_result();
  $checklog = $stmt->num_rows;

    if($checklog > 0){
      /* HERE IS YOUR CODE WITH SUCCESSFUL LOGIN */
    }
    else {
      /* HERE IS YOUR CODE WITH UNSUCCESSFUL LOGIN */
    }

  $stmt->close();
}

Answer 2

There are several ways to connect to MySQL. However, just knowing how to connect isn't enough. You need to learn how to use it as well. Therefor I'm first giving you a couple of links to MySQLi and PDO:

PHP: MySQLi - Manual
PHP: PDO - Manual

Now to answer your question, here are some commonly used methods to connect to mysql:

MySQLi Object Oriëntated Style

<?php

$dbhost = ""; //Server Address
$dbname = ""; //Database Name
$dbuser = ""; //Database User
$dbpass = ""; //Database Password

$mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
if ($mysqli->connect_errno){
    echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}

?>

MySQLi Procedural Style

<?php

$dbhost = ""; //Server Address
$dbname = ""; //Database Name
$dbuser = ""; //Database User
$dbpass = ""; //Database Password

$mysqli = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
if (mysqli_connect_error()){
    echo "Failed to connect to MySQL: (" . mysqli_connect_error() . ")";
}

?>

PDO Object Oriëntated Style

<?php

$dbhost = ""; //Server Address
$dbname = ""; //Database Name
$dbuser = ""; //Database User
$dbpass = ""; //Database Password

$dsn = 'mysql:host=' . $dbhost . ';dbname=' . $dbname;
$options = array(
    PDO::ATTR_PERSISTENT    => true,
    PDO::ATTR_ERRMODE       => PDO::ERRMODE_EXCEPTION
);
try{
    $pdo = new PDO($dsn, $dbuser, $dbpass, $options);
}
catch(PDOException $e){
    echo $e->getMessage();
}

?>