shep517/Main_login

## check_login
<?php
session_start();

$host="localhost"; // Host name
$username="shep517"; // Mysql username
$password="azazel517"; // Mysql password
$db_name="LoginHelp"; // Database name
$tbl_name="users"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
	// Register $myusername, $mypassword and redirect to file "login_success.php"
$row = mysql_fetch_row($result);
$user_id = $row['user_id'];
$_SESSION['id'] = $user_id;

header("location:login_success.php");
//send login_success.php the user/pass?!?!
}
else {
echo "Wrong Username or Password";
}
?>

## login_success
<?php
session_start();
if (!isset($_SESSION['id'])){
echo "id: ".$_SESSION['id'];
//header("location:main_login.php");
}
?>

<html>
<body>
Login Successful! <br>

<?php
	 echo "id: ".$_SESSION['id'];
?>

</body>
</html>

## Main_login
<title>Member Login</title>
<header>Header</header>
<body bgcolor="#AACBBC">
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="check_login.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFDDAA">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login" align="right"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

</body>
	<?php
	session_start();

	$host="localhost"; // Host name
	$username="shep517"; // Mysql username
	$password="azazel517"; // Mysql password
	$db_name="LoginHelp"; // Database name
	$tbl_name="users"; // Table name

	// Connect to server and select databse.
	mysql_connect("$host", "$username", "$password")or die("cannot connect");
	mysql_select_db("$db_name")or die("cannot select DB");

	// username and password sent from form
	$myusername=$_POST['myusername'];
	$mypassword=$_POST['mypassword'];

	// To protect MySQL injection (more detail about MySQL injection)
	$myusername = stripslashes($myusername);
	$mypassword = stripslashes($mypassword);
	$myusername = mysql_real_escape_string($myusername);
	$mypassword = mysql_real_escape_string($mypassword);

	$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
	$result=mysql_query($sql);

	// Mysql_num_row is counting table row
	$count=mysql_num_rows($result);
	// If result matched $myusername and $mypassword, table row must be 1 row

	if($count==1){
	// Register $myusername, $mypassword and redirect to file "login_success.php"
	$row = mysql_fetch_row($result);
	$user_id = $row['user_id'];
	$_SESSION['id'] = $user_id;

	header("location:login_success.php");
	//send login_success.php the user/pass?!?!
	}
	else {
	echo "Wrong Username or Password";
	}
	?>
	<?php
	session_start();
	if (!isset($_SESSION['id'])){
	echo "id: ".$_SESSION['id'];
	//header("location:main_login.php");
	}
	?>

	<html>
	<body>
	Login Successful! <br>

	<?php
	echo "id: ".$_SESSION['id'];
	?>

	</body>
	</html>
	<title>Member Login</title>
	<header>Header</header>
	<body bgcolor="#AACBBC">
	<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
	<tr>
	<form name="form1" method="post" action="check_login.php">
	<td>
	<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFDDAA">
	<tr>
	<td colspan="3"><strong>Member Login </strong></td>
	</tr>
	<tr>
	<td width="78">Username</td>
	<td width="6">:</td>
	<td width="294"><input name="myusername" type="text" id="myusername"></td>
	</tr>
	<tr>
	<td>Password</td>
	<td>:</td>
	<td><input name="mypassword" type="text" id="mypassword"></td>
	</tr>
	<tr>
	<td> </td>
	<td> </td>
	<td><input type="submit" name="Submit" value="Login" align="right"></td>
	</tr>
	</table>
	</td>
	</form>
	</tr>
	</table>

	</body>