We’ll use a login script to demonstrate how to use these functions. Below is the code:

<?php

ob_start();

session_start();

//database connection details:

$title = "My Application Title";

$version = "3.0";

//database connection

$bdhost="localhost";

$dbuser="root";

$dbpass="pass";

$dbname="users";

$db = mysql_connect($dbhost,$dbuser,$dbpass) or die("Failed to open connection to MySQL server.");

mysql_select_db($db) or die("Unable to select database");

//set useful variables

$month_names = array("","January","February","March","April","May","June","July","August",
"September","October","November","December");

//set useful variables

$td = date("Y-m-d");

$date_time =date("Y-m-d h:i:s");

//someone registered?

if(isset($_GET['reg'])){

$reg="Your details have been added, please login";

}

$error=false;

$errmsg="";

//has form been submitted

if(isset($_POST['key'])){

//check that the username and password is not empty

if( empty($_POST['uname']) && (empty($_POST['upass']))){

print "Please enter your username and password.";

$errmsg="Please enter your username and password.";

$error=true;

}

//check that the username and password is string

if( is_numeric($_POST['uname']) && (is_numeric($_POST['upass']))){

print "Please enter a valid username and password.";

$errmsg=" Please enter a valid username and password.";

$error=true;

}

//if no error then start authentication process

if(!$error){

//transfer to shorter var

$n=$_POST['uname'];

$p=$_POST['upass'];

//clean using mysql cleaner

$cleanuname=mysql_real_escape_string($n);

$cleanupass=mysql_real_escape_string($p);

$query="select uname,pw from users where uname='$cleanuname' and pw='$cleanupass' ";

$result=mysql_query($query);

$num=mysql_num_rows($result);

if($num>0 ){

//put in session vars

session_start();

$mytime=time();

$mytime=date("H:i:s A",$mytime);

$_SESSION['time'] = $mytime;

$_SESSION['status'] = 'logged';

$_SESSION['username'] = $cleanuname;

//goto next page

header("location:welcome.php");

exit;

}

}else{

$_SESSION['status'] = 'not logged';

$errmsg="Your username ($n) and password do not match, please try again.";

}

}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/was.dwt.php" codeOutsideHTMLIsLocked="false" -->

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<!-- InstanceBeginEditable name="doctitle" -->

<title>WebSecure::Login</title>

<script language="javascript" type="text/javascript">

function checkform(pform1){

if(pform1.uname.value==""){

alert("Please enter a username")

pform1.uname.focus()

return false

}

if(pform1.pw.value==""){

alert("Please enter a password")

pform1.pw.focus()

return false

}

if(pform1.pw.value=="" && pform1.uname.value==""){

alert("Please make sure that you have entered your username and password")

return false

}

return true

}

</script>

<!-- InstanceEndEditable -->

<!-- InstanceBeginEditable name="head" -->

<!-- InstanceEndEditable -->

<link href="../Templates/was.css" rel="stylesheet" type="text/css" />

</head>

<body>

<table width="99%" border="1">

<tr>

<td bgcolor="#333333" class="header">Web Secure</td>

</tr>

<tr>

<td><!-- InstanceBeginEditable name="main" -->

<form name="form1" method="post" action="" onSubmit="return checkform(this)">

<table width="41%" border="0" align="center" cellpadding="0" cellspacing="3">

<tr class="listtop">

<td colspan="3">Login Status:<? if(isset($errmsg)){

echo "$errmsg";

}elseif(isset($reg)){

echo "$reg";

}?></td>

</tr>

<tr>

<td width="9%">Username</td>

<td width="41%"><input name="uname" type="text" id="uname" size="50"></td>

<td width="50%" rowspan="4">&nbsp;</td>

</tr>

<tr>

<td>Password</td>

<td><input name="upass" type="password" id="upass" size="50">

<input type="hidden" name="key" /></td>

</tr>

<tr>

<td>&nbsp;</td>

<td><a href="../password.php">Forgotten your password?</a>|<a href="register.php">Register</a></td>

</tr>

<tr>

<td>&nbsp;</td>

<td><input type="submit" name="submit" value="Login"></td>

</tr>

</table>

</form>

<!-- InstanceEndEditable --></td>

</tr>

<tr>

<td class="copy">&copy;2008</td>

</tr>

</table>

</body>

<!-- InstanceEnd --></html>

<? ob_end_flush(); ?>