index.php
<?
session_start();
include_once"config.php";
if(isset($_POST['login'])){
$username= trim($_POST['username']);
$password = trim($_POST['password']);
if($username == NULL OR $password == NULL){
$final_report.="Please complete both fields";
}else{
$check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
if(mysql_num_rows($check_user_data) == 0){
$final_report.="This username does not exist";
}else{
$get_user_data = mysql_fetch_array($check_user_data);
if($get_user_data['password'] == $password){
$start_idsess = $_SESSION['username'] = "".$get_user_data['username']."";
$start_passsess = $_SESSION['password'] = "".$get_user_data['password']."";
$final_report.="<meta http-equiv='Refresh' content='0; URL=members.php'/>";
}}}}
if(isset($_SESSION['username']) && isset($_SESSION['password'])){
header("Location: members.php");
}
?>
<?php include("includes.php");?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php echo $title ?> | template!</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<?php include("footer.php");?>
includes.php
<?php
$fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE username='".$_SESSION['username']."'"));
$title= "template !"; //your site title
$yourdomain="localhost"; //your domain name where script is installed - do not use trailing slash
$membername= $fetch_users_data->username; //don't change
$memberpoints=$fetch_users_data->points; //don't change
$contactemail = ""; //contact form messages will be sent here
$requestemail = "mail.com"; //request messages will be sent here
?>
config.php
<?
ob_start();session_start();
$hostname = "localhost"; //your hostname (normally localhost)
$data_username = "root"; //database username
$data_password = ""; //database password
$data_basename = "chchgh"; //database name
$conn = mysql_connect("".$hostname."","".$data_username."","".$data_password."");
mysql_select_db("".$data_basename."") or die(mysql_error());
?>