1. Database Connection Configuration page: connectvars.php
<?php
Insert information about the connection database
Require_once ' connectvars.php ';
$error _msg = "";
Determine if the user has set cookies, and if $_cookie[' user_id ' is not set, execute the following code
if (!isset ($_cookie[' user_id ')) {
if (Isset ($_post[' submit ')) {//Determine whether the user submits the login form, and if so, execute the following code
$DBC = Mysqli_connect (db_host,db_user,db_password,db_name);
$user _username = mysqli_real_escape_string ($dbc, trim ($_post[' username '));
$user _password = mysqli_real_escape_string ($dbc, trim ($_post[' password '));
if (!empty ($user _username) &&!empty ($user _password)) {
The SHA () function in MySQL is used for one-way encryption of strings
$query = "Select user_id, username from mismatch_user WHERE username = ' $user _username ' and". " Password = SHA (' $user _password ') ";
Query with user name and password
$data = Mysqli_query ($dbc, $query);
If the record is exactly one, set the cookie and page redirection
if (Mysqli_num_rows ($data) ==1) {
$row = Mysqli_fetch_array ($data);
Setcookie (' user_id ', $row [' user_id ']);
Setcookie (' username ', $row [' username ']);
$home _url = ' loged.php ';
Header (' Location: '. $home _url);
}else{//If the record is not correct, set the error message
$error _msg = ' Sorry, must enter a valid username and password to log in. '
}
}else{
$error _msg = ' Sorry, must enter a valid username and password to log in. '
}
}
}else{//If the user is logged in, jump directly to the already logged on page
$home _url = ' loged.php ';
Header (' Location: '. $home _url);
}
?>
<title>mismatch-log in</title>
<link rel= "stylesheet" type= "Text/css" href= "Style.css"/>
<body>
<!--by $_cookie[' user_id '], if the user is not logged in, then display the login form, let the user enter a username and password-->
<?php
if (Empty ($_cookie[' user_id ')) {
Echo ' <p class= ' Error > '. $error _msg. ' </p> ';
?>
<!--$_server[' Php_self '] invokes its own PHP file when submitting a form on behalf of a user-->
<form method = "Post" action= "<?php echo $_server[' php_self '];? > ">
<fieldset style= "width:250px;" >
<legend>log in</legend>
<label for= "username" >Username:</label>
<!--If the user has already lost the user name, echo the user name-->
<input type= "text" id= "username" name= "username"
Value= "<?php if (!empty ($user _username)) echo $user _username;?>"/>
<br/>
<label for= "Password" >Password:</label>
<input type= "password" id= "password" name= "password"/>
</fieldset>
<br/>
<input type= "Submit" value= "Log in" name= "Submit"/>
</form>
<?php
}
?>
</body>
4. Logout Cookie page: logout.php (redirect to lonin.php after logoff)
