A Login System for a PHP Email Application

For anyone to use the application, they have to be authenticated (be a registered user of the system) or be given an opportunity to become a member. This is what the login system primarily is for. Below is a screen shot of the login page.

The code: connecting and logging in

The login script presents a form in which the user must enter his/her username and password. It is then processed by the various code bits on the page and the appropriate action is taken. Let's go through the various scripts involved.

Connect.php. This script is included on any page that uses the database. It contains the information that connects the application to the database:

<?php
$dbname="mail";
$host="localhost";
$dbh=mysql_connect($host) or die ('I cannot connect to the
database because: ' . mysql_error());
mysql_select_db($dbname) or die('I cannot select the database
because: ' . mysql_error());
?>

At each stage of the connection attempt, the code makes provisions for errors. This is in case you try to connect to a non-existing database or to a non-existing host.

Login.php. This script presents a login form to the user. This form takes the username and password of the user. The form is presented in a table, as you can see from the code:

Form:

<form action="login.php" method="post">
            <table width="50%" border="0" align="center"
cellspacing="1" class="block">
      <tr>
        <td width="13%" colspan="2"><img src="images/login.png"
width="400" height="130" /></td>
                        </tr>
      <tr>
       <td width="87%" valign="bottom" colspan="2"><font color =
"#ff000" size = "5"><? if(isset($error)){
                        echo $error;
                        }elseif(isset($_GET['msg'])){
                        echo "You are now registered. Please
login below.";?>
                        </td>
      <? } ?>
        </tr>
      <tr class="table">
        <td>&nbsp;</td>
        <td>Login here: </td>
      </tr>
      <tr>
        <td>Username</td>
        <td><input name="uname" type="text" id="uname"
value="jacques" size="40" /></td>
      </tr>
      <tr>
        <td>Password</td>
        <td><input name="pw" type="password" id="pw" value="pass"
size="40" /></td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td><input type="submit" name="submit"
value="Login" /></td>
      </tr>
    </table>
                        </form>

In addition to taking user input, the form also displays error messages from the actual login script:

if(isset($error)){
                        echo $error;
                        }elseif(isset($_GET['msg'])){
                        echo "You are now registered. Please
login below.";?>
}

The $error variable  is set in the actual code that processes the username and password.