New to php and need help with Login script

[OzRedBoy]

Hey there, I've created a login page for our website but instead of using a button to login, I'm trying to do it so they login via a "Login" link, how do I do it? I've tried searching the web for answers but can't seem to find any help, so I'm hoping someone here can help me out.

Not sure if you need any code info but my login form looks like this:

<form id="details" name="details" method="POST" action="<?php echo $loginFormAction; ?>">
<label>Members Number
<input type="text" name="user" />
</label>
<label>pass
<input type="text" name="pass" />
</label>
[!--coloro:#006600--][span style=\"color:#006600\"][!--/coloro--]<input type="submit" name="form1" value="Login">[!--colorc--][/span][!--/colorc--]
[!--coloro:#FF0000--][span style=\"color:#FF0000\"][!--/coloro--]<span class="style2">Login/span>[!--colorc--][/span][!--/colorc--]
</form>

As you can see the green is the button login, and the red is what I'm trying to create as a "Login" text link.
Plus when they login, I would like there name to appear on the page eg "Welcome Back *****",
not really sure how to code that in.
Can anyone help me out?

[wildteen88]

If you want to submit for with a text link you can do this:
[code]<span class="style2" onClick="javascript:document.details.submit();">Login</span>[/code]

To show the username when they login you will need to setup a session which stores the users username ie:
[code]<?php

session_start();

$_SESSION['username'] = $_POST['user'];

?>[/code]
Then whenever you want to show the users username add [b]session_start();[/b] after [b]<?php[/b] and use the following code which will show the users username:
[code]echo $_SESSION['username'];[/code]

[OzRedBoy]

Thanks for your repkies, but unfortunately the
<span class="style2" onClick="javascript:document.details.submit();">Login</span>
does not work, nothing happens at all, so I just gave up on it and just using a button instead but now I have a bigger problem.
I use Dreamweaver 8 to do my coding and for some reason my login doesn't work at all.
If I use the "Restrict Access to page" script supplied by Dreanweaver, I go straight to the fail page.
[!--coloro:#FF0000--][span style=\"color:#FF0000\"][!--/coloro--]Here is the login script:[!--colorc--][/span][!--/colorc--]

<?php require_once('Connections/bsg_med.php'); ?><?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['kod'])) {
$loginUsername=$_POST['kod'];
$password=$_POST['pass'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "med_sida.php";
$MM_redirectLoginFailed = "links.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_bsg_med, $bsg_med);

$LoginRS__query=sprintf("SELECT Medlemskod, Pass FROM medlemstabell1 WHERE Medlemskod='%s' AND Pass='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

$LoginRS = mysql_query($LoginRS__query, $bsg_med) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>

[!--coloro:#FF0000--][span style=\"color:#FF0000\"][!--/coloro--]and here is the Restrict to Access script:[!--colorc--][/span][!--/colorc--]

<?php
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}

$MM_restrictGoTo = "links.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>

If someone could please help me sort this mess out, and tell me if this is secure enough it'll be appreciated.
Thanks

[OzRedBoy]

Forgot to add this, the login form looks like this:

<div id="Layer5">
<form id="login" name="login" "method="POST" action="<?php echo $loginFormAction; ?>">
<label>Medlemskod
<input type="text" name="kod" />
</label>
<label>Pass
<input type="text" name="pass" />
</label>
<input name="sub" type="submit" id="sub" value="Logga In">
</form>
</div>