I have log-in form before showing all the data. I got this script in one of the internet site. The problem Im having now is capturing the username and pass it to my query line. But the password has check log-in first so no one can go directly on the result page. Here's How it work.
Log-in Form
[PHP]<form name="form1" method="post" action="checklo gin.php">
<strong>Usernam e</strong>
<input name="myusernam e" type="text" id="myusername" >
<strong>Passwor d</strong
<input name="mypasswor d" type="password" id="mypassword" >
<input type="submit" name="Submit" value="Reviewer Login"></td>
[/PHP]
check login
[PHP]
<?php
ob_start();
//dbase connection..... .
// Connect to server and select databse.
mysql_connect(" $host", "$username" , "$password" )or die("cannot connect");
mysql_select_db ("$db_name") or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_P OST['myusername'];
$mypassword=$_P OST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($m yusername);
$mypassword = stripslashes($m ypassword);
$myusername = mysql_real_esca pe_string($myus ername);
$mypassword = mysql_real_esca pe_string($mypa ssword);
$sql="SELECT * FROM $tbl_name WHERE username='$myus ername' and password='$mypa ssword' and user_level=1";
$result=mysql_q uery($sql);
// Mysql_num_row is counting table row
$count=mysql_nu m_rows($result) ;
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success. php"
session_registe r("myusername") ;
session_registe r("mypassword") ;
//<form name="form1" method="post" action="approva ls2_reviewer.ph p">
//<input type="hidden" name="$username " value="$usernam e">
header("locatio n:approvals2_re viewer.php"); // how can i add the $myusername value here?
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>[/PHP]
my question is.... how can i still pass my $myusername value from log-in page to check_login.php to final page with my query result. I hope I write this clearly let me know if you have more information.
Thanks,
DM
Log-in Form
[PHP]<form name="form1" method="post" action="checklo gin.php">
<strong>Usernam e</strong>
<input name="myusernam e" type="text" id="myusername" >
<strong>Passwor d</strong
<input name="mypasswor d" type="password" id="mypassword" >
<input type="submit" name="Submit" value="Reviewer Login"></td>
[/PHP]
check login
[PHP]
<?php
ob_start();
//dbase connection..... .
// Connect to server and select databse.
mysql_connect(" $host", "$username" , "$password" )or die("cannot connect");
mysql_select_db ("$db_name") or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_P OST['myusername'];
$mypassword=$_P OST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($m yusername);
$mypassword = stripslashes($m ypassword);
$myusername = mysql_real_esca pe_string($myus ername);
$mypassword = mysql_real_esca pe_string($mypa ssword);
$sql="SELECT * FROM $tbl_name WHERE username='$myus ername' and password='$mypa ssword' and user_level=1";
$result=mysql_q uery($sql);
// Mysql_num_row is counting table row
$count=mysql_nu m_rows($result) ;
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success. php"
session_registe r("myusername") ;
session_registe r("mypassword") ;
//<form name="form1" method="post" action="approva ls2_reviewer.ph p">
//<input type="hidden" name="$username " value="$usernam e">
header("locatio n:approvals2_re viewer.php"); // how can i add the $myusername value here?
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>[/PHP]
my question is.... how can i still pass my $myusername value from log-in page to check_login.php to final page with my query result. I hope I write this clearly let me know if you have more information.
Thanks,
DM
Comment