Project Management: Authentication - Create the Table (Page 2 of 4)
So create a table with the following SQL:
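-- Account table read by the login script.
-- `upass` is widened from 8 to 255 characters so the column can hold a
-- password hash (for example the output of PHP's password_hash()) instead of
-- a short plain-text password; existing short values still fit.
-- `uname` is the login identifier, so it is declared unique: two rows with
-- the same username would make the login lookup ambiguous.
-- ENGINE= replaces the TYPE= spelling, which MySQL 5.5 and later reject.
CREATE TABLE `users` (
  `uid` int(11) NOT NULL auto_increment,
  `name` varchar(20) NOT NULL default '',
  `sname` varchar(20) NOT NULL default '',
  `uname` varchar(100) NOT NULL default '',
  `upass` varchar(255) NOT NULL default '',
  -- privilege level copied into the session by the login script
  `level` enum('admin','normal') NOT NULL default 'normal',
  -- NOTE(review): a zero-date default is refused when the server runs with
  -- NO_ZERO_DATE in strict mode; kept here because the sample rows insert it.
  `last_login` datetime NOT NULL default '0000-00-00 00:00:00',
  `email` varchar(100) NOT NULL default '',
  PRIMARY KEY (`uid`),
  UNIQUE KEY `users_uname_idx` (`uname`)
) ENGINE=MyISAM AUTO_INCREMENT=5 ;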
Below is some sample data for the table. Note that every sample account is given the same plain-text password, 'pass':
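-- Sample accounts for the tutorial. The column list is spelled out so the
-- statement keeps working if columns are later added to or reordered in
-- `users`.
-- `upass` holds the literal string 'pass' for every account, i.e. the
-- passwords are stored in plain text and are identical; these rows are
-- fixtures for trying the login form and should not be carried into a
-- deployed database.
INSERT INTO `users`
  (`uid`, `name`, `sname`, `uname`, `upass`, `level`, `last_login`, `email`)
VALUES
  (1, 'jack', 'dee', 'jack.dee', 'pass', 'admin', '0000-00-00 00:00:00', 'jack@dee.com'),
  (2, 'maria', 'garises', 'maria.garises', 'pass', 'normal', '0000-00-00 00:00:00', 'maria@garises.com'),
  (3, 'kine', 'brand', 'kine.brand', 'pass', 'normal', '0000-00-00 00:00:00', 'kine@brand.com'),
  (4, 'john', 'doe', 'john.doe', 'pass', 'normal', '0000-00-00 00:00:00', 'john@doe.com');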
Copy and paste the above SQL in your MySQL administration application and run it. You should have a table called "users" with the sample data above. Now, let's create the login script that will run the login process for us. Create a new PHP document and add the following code:
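<?php
include "dbcon.php";
include "functions.php";

// Login handler: validates the posted username/password, looks the account up
// in `users`, and on a match stores the identity in the session and redirects
// to main.php. Any validation or lookup failure is reported through $errmsg,
// which the form below this block prints.

// $_SESSION is written further down, so a session has to be active. Start one
// here unless an include has already done so.
if (session_id() == '') {
    session_start();
}

//initialise variables
$err = false;
$errmsg = "";

//is form submitted?
if (isset($_POST['submit'])) {
    // Accept only plain string fields. A missing field or an array-valued one
    // (uname[]=...) is treated as empty instead of reaching the escape
    // function and raising a warning.
    $uname = (isset($_POST['uname']) && is_string($_POST['uname'])) ? $_POST['uname'] : '';
    $upass = (isset($_POST['upass']) && is_string($_POST['upass'])) ? $_POST['upass'] : '';

    //check that the form values are not empty, if so, set errormsg value
    if ($uname === '') {
        $err = true;
        $errmsg .= "The username field is empty, please enter a username<br>";
    }
    if ($upass === '') {
        $err = true;
        $errmsg .= "The password field is empty, please enter password<br>";
    }

    //check that the username is in correct format (checkformat() comes from functions.php)
    if (!checkformat($uname)) {
        $err = true;
        $errmsg .= "The username that you entered has a incorrect format.<br>";
    }

    //if there is no errors above, then clean the form values before using in query.
    if (!$err) {
        // mysql_real_escape_string() escapes according to the character set of
        // the open connection; mysql_escape_string() ignores it.
        // NOTE(review): the mysql_* extension was removed in PHP 7. Bound
        // parameters through mysqli or PDO are the durable fix, but the
        // connection is opened in dbcon.php, which is not part of this listing.
        $cleanuname = mysql_real_escape_string($uname);
        $cleanupass = mysql_real_escape_string($upass);

        // NOTE(review): the password is matched against the stored column as
        // is, so `upass` holds plain-text passwords. To change that, store
        // password_hash() output in `upass` (the column must be wide enough
        // for it), select the row by `uname` alone, and check the submitted
        // value with password_verify().
        // Only the columns copied into the session are selected.
        $checkuser = "SELECT `uid`, `name`, `sname`, `level` FROM users"
            ." WHERE uname = '".$cleanuname."' AND upass = '".$cleanupass."' LIMIT 1";
        $checkuser_res = mysql_query($checkuser);

        if ($checkuser_res === false) {
            // Query failed: keep the database error in the server log and show
            // the visitor a generic message only.
            error_log("login query failed: ".mysql_error());
            $err = true;
            $errmsg .= "The login could not be processed, please try again later.<br>";
        } elseif (mysql_num_rows($checkuser_res) > 0) {
            //if user exists and passes authentication
            //setup session variables and redirect to index page
            $row = mysql_fetch_assoc($checkuser_res);

            // Issue a fresh session id at the privilege change so an id that
            // was known before login is not carried into the logged-in session.
            session_regenerate_id(true);

            $_SESSION['name'] = $row['name']." ".$row['sname'];
            $_SESSION['uid'] = $row['uid'];
            $_SESSION['level'] = $row['level'];

            //redirect, and stop so the login form is not rendered after the header
            header("location:main.php");
            exit;
        } else {
            //if values do not match set errmsg
            $err = true;
            $errmsg .= "The username or password you entered does not match.<br>";
        }//else
    }//end $err check
} //end form submit check
?>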
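<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/userauth.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Project Management ::Login</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable -->
<link href="Templates/loginstyle.css" rel="stylesheet" type="text/css" />
</head>
<body>
<table width="100%" border="0">
  <tr>
    <td bgcolor="#6699CC" class="headertxt">Project Management:: User Authentication </td>
  </tr>
  <tr>
    <td><!-- InstanceBeginEditable name="main" -->
      <table width="100%" border="0" class="formborder">
        <tr>
          <td colspan="2" class="loginheader">Login</td>
        </tr>
        <tr>
          <td colspan="2"> </td>
        </tr>
        <!-- Login form: posts uname/upass back to login.php -->
        <form action="login.php" method="post" name="f1" class="formborder">
        <?php
        // Show the error rows only when there is a message. The script above
        // always sets $errmsg (to "" at least), so isset() alone would print
        // an empty error row on every request.
        // $errmsg is written out as raw HTML because it carries <br> tags;
        // any text appended to it that is not a literal from this script
        // needs htmlspecialchars() first.
        if (!empty($errmsg)) { ?>
        <tr>
          <td colspan="2" class="errmsg"><?php echo $errmsg; ?></td>
        </tr>
        <tr>
          <td colspan="2"> </td>
        </tr>
        <?php } ?>
        <?php // The username row opens outside the conditional so the table stays well formed whether or not an error is shown. ?>
        <tr>
          <td width="10%" valign="bottom"><strong>Username:</strong></td>
          <td width="90%"><label>
            <input name="uname" type="text" class="login" id="uname" size="40" />
          </label></td>
        </tr>
        <tr>
          <td valign="bottom"><strong>Password:</strong></td>
          <td><label>
            <input name="upass" type="password" class="login" id="upass" size="40" />
          </label></td>
        </tr>
        <tr>
          <td> </td>
          <td><a href="password.php">Forgot your password?</a> </td>
        </tr>
        <tr>
          <td> </td>
          <td><label>
            <input name="submit" type="submit" id="submit" value="Log me in!" />
          </label></td>
        </tr>
        </form>
      </table>
    <!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td align="right" class="cright">copyright © 2007 PM </td>
  </tr>
</table>
</body>
<!-- InstanceEnd --></html>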