A Login System for a PHP Email Application

We know from the previous article that the user ID is very important, in that it is used to retrieve various information from the database at various stages of the application. The login form sets this userID when you log in. It is the login system that will be the focus of this second part in a four-part series.

TABLE OF CONTENTS:

By: Leidago

Poor Best

Rating:

/ 27

November 01, 2006

print this article

SEARCH DEV SHED

TOOLS YOU CAN USE

For anyone to use the application, they have to be authenticated (be a registered user of the system) or be given an opportunity to become a member. This is what the login system primarily is for. Below is a screen shot of the login page.

The code: connecting and logging in

The login script presents a form in which the user must enter his/her username and password. It is then processed by the various code bits on the page and the appropriate action is taken. Let's go through the various scripts involved.

Connect.php. This script is included on any page that uses the database. It contains the information that connects the application to the database:

<?php
$dbname="mail";
$host="localhost";
$dbh=mysql_connect($host) or die ('I cannot connect to the
database because: ' . mysql_error());
mysql_select_db($dbname) or die('I cannot select the database
because: ' . mysql_error());
?>

At each stage of the connection attempt, the code makes provisions for errors. This is in case you try to connect to a non-existing database or to a non-existing host.

Login.php. This script presents a login form to the user. This form takes the username and password of the user. The form is presented in a table, as you can see from the code:

Form:

<form action="login.php" method="post">
            <table width="50%" border="0" align="center"
cellspacing="1" class="block">
      <tr>
        <td width="13%" colspan="2"><img src="images/login.png"
width="400" height="130" /></td>
                        </tr>
      <tr>
       <td width="87%" valign="bottom" colspan="2"><font color =
"#ff000" size = "5"><? if(isset($error)){
                        echo $error;
                        }elseif(isset($_GET['msg'])){
                        echo "You are now registered. Please
login below.";?>
                        </td>
      <? } ?>
        </tr>
      <tr class="table">
        <td> </td>
        <td>Login here: </td>
      </tr>
      <tr>
        <td>Username</td>
        <td><input name="uname" type="text" id="uname"
value="jacques" size="40" /></td>
      </tr>
      <tr>
        <td>Password</td>
        <td><input name="pw" type="password" id="pw" value="pass"
size="40" /></td>
      </tr>
      <tr>
        <td> </td>
        <td><input type="submit" name="submit"
value="Login" /></td>
      </tr>
    </table>
                        </form>

In addition to taking user input, the form also displays error messages from the actual login script:

if(isset($error)){
                        echo $error;
                        }elseif(isset($_GET['msg'])){
                        echo "You are now registered. Please
login below.";?>
}

The $error variable is set in the actual code that processes the username and password.

Next: The code: form verification >>