CODE (THERE IS NO DISPLAY FOR THIS PAGE)
<?php $username= $_POST['username'];//set the variable for the user's entered username $enteredpassword= $_POST['password'];//set the variable for the user's entered password (make sure this variable does not conflict with the variable for the database password) //set variables to connect to the database $hostName = "(FILL IN HOSTNAME FOR DB)"; $userName = "(FILL IN USERNAME FOR DB)"; $password = "(FILL IN PASSWORD FOR DB)"; $dbName = "(FILL IN DB NAME)"; // make connection to database mysql_connect($hostName, $userName, $password) or die( "Unable to connect to host $hostName"); mysql_select_db($dbName) or die("Unable to select database $dbName"); // Select all the fields in all the records of the users table $query_user = "SELECT * FROM (FILL IN TABLE NAME) WHERE username= '$username'"; $result_user = mysql_query($query_user) /*or die(mysql_error())*/;//include the die statement to alert any errors in the query (remove /* and */ to uncomment) $number_user = mysql_numrows($result_user); //check to see if a row exists if($number_user=='1') { //if a row exists, get the id of that row $rid_user = mysql_result($result_user,0, "record_id"); } // Select all the fields in all the records of the password table $query_password = "SELECT * FROM (FILL IN TABLE NAME) WHERE password= '$enteredpassword'"; $result_password = mysql_query($query_password) /*or die(mysql_error())*/;//include the die statement to alert any errors in the query (remove /* and */ to uncomment) $number_password = mysql_numrows($result_password); // Close the database connection mysql_close(); //check to see if a row exists if($number_password=='1') { //if a row exists, get the id of that row $rid_password = mysql_result($result_password,0, "record_id"); } //use an if/else statement to send the user to the correct page depending on the status of the username and password check //if a value exists for the row in the users table and the row in the password table, set a login cookie a forward the user to the main page if($rid_user!='' AND $rid_password!='') { //give the cookie a name "set here as "user", then assign a value based on the user's row id. This cookie will be checked when every page loads to assure that the user is allowed access to the pages setcookie("user", $rid_user); //use the header command to send the user to the main page of the website header('Location: home.php'); } //if rows do not exist for the users table and the password table, return the user to the login page setting a variable to display a message describing the login failure as set here by "return" else { //use the header command to send the user to the login page header('Location:index.php?return=1'); } ?>