اسکریپت صفحه لاگین در php
//================================================ db.php
<?php
$DB_hostname = "hostname";
$DB_user = "username";
$DB_password = "password";
$DB_name = "dbname";
$DB_link =mysqli_connect($DB_hostname,$DB_user,$DB_password,$DB_name)
or die ("error : can't connect database !!");
mysqli_set_charset($DB_link, 'utf8');
?>
//================================================ login.php
<?php
include("db.php");
session_start();
header('Content-type: text/html; charset=utf-8');
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$myusername=mysqli_real_escape_string($DB_link, $_POST['username']);
$mypassword=mysqli_real_escape_string($DB_link, $_POST['password']);
// to validate username (length between 5 and 20) (contaning characters A-Z or a-z or _)
if (!preg_match('/^\w{5,20}$/', $myusername)){
echo '<B><FONT SIZE="4" COLOR="#FF0000">error: bad username</FONT></B>';
}
else{
// to encrypt login password, also password stored in database is encrypted.
$md5_password = md5($mypassword);
$sql="SELECT * FROM user_tb WHERE login='$myusername' and password='$md5_password'";
$result=mysqli_query($DB_link, $sql);
$row=mysqli_fetch_array($result);
$count=mysqli_num_rows($result);
if($count==1)
{
$_SESSION['login_user']= $myusername;
$_SESSION['login_name']= $row['name'];
header("location: index.php");
}
else
{
echo '<B><FONT SIZE="4" COLOR="#FF0000">incorrect login or password </FONT></B>';
}
}
}
?>
<form action="" method="post">
<label>user login :</label><input type="text" name="username"/><br>
<label>Password :</label><input type="password" name="password"/><br>
<input type="submit" value=" Submit "/><br>
</form>
//================================================ logout.php
<?php
session_start();
if(session_destroy())
header("Location: login.php");
?>
//================================================ index.php
<?php
session_start();
header('Content-type: text/html; charset=utf-8');
$S_login_user = $_SESSION['login_user'];
$S_login_name = $_SESSION['login_name'];
if(!isset($S_login_user))
header("Location: login.php");
?>
<body>
<h1>Welcome :<?php echo $S_login_name; ?></h1>
<A HREF="logout.php">logout</A>
</body>