how can i hide the following table in php using session. (i dont want the logged in user to see the login table again instead of it i want to show that user's information there til the session is alive)how can i do this please help me friend.
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF" class="post">
<tr>
<td colspan="3"><h2><strong>Member Login </strong></h2></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername" maxlength="65"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="password" id="mypassword" maxlength="65"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
and coding for that "checklogin.php" is as follows
<?php
ob_start();
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="123"; // Mysql password
$db_name="test"; // Database name
$tbl_name="member"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('you have logged in successfully')</SCRIPT>");
echo("<SCRIPT LANGUAGE='JavaScript'>window.location = 'main_login.php'</SCRIPT>");
//header("location:login_success.php");
//window.location = 'login_success.php'
//echo "<script>navigate('login_success.php')</script>";
//exit();
}
else {
echo "Wrong Username or Password";
include 'main_login.php';
}
ob_end_flush();
?>
you should set a session variable after login. and then check it before printing table.
<?php
session_start();
if (isset($_SESSION['loged']) && ($_SESSION['loged'] == false))
{
?>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF" class="post">
<tr>
<td colspan="3"><h2><strong>Member Login </strong></h2></td>
</tr>
....
...
</table>
<?php
}
This depends on how you implemented your authentication system. If you have some session variable "loggedin" that is set to true after a successful log-in, then you'd surround your HTML table with:
<?php
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true):
?>
HTML table here
<?
endif;
?>
<form name="form1" method="post" action="checklogin.php">
<td>
**<?php
//session_start();
//(isset($_SESSION['myusername']) && $_SESSION['myusername'] === true)
if (isset($_SESSION['myusername']) && $_SESSION['myusername'] == true):
?>**
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF" class="post">
<tr>
<td colspan="3"><h2><strong>Member Login </strong></h2></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername" maxlength="65"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="password" id="mypassword" maxlength="65"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
**<?php
endif;
?>**
</td>
</form>
and the codes in the particular "checklogin.php" is as follows
<?php
ob_start();
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="123"; // Mysql password
$db_name="test"; // Database name
$tbl_name="member"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
**// Register $myusername, $mypassword and redirect to file "login_success.php"
//session_register("myusername");
//session_register("mypassword");
$_SESSION["myusername"]= $_POST['myusername'];
$_SESSION["mypassword"]= $_POST['mypassword'];
//$_SESSION["mypassword"]**
echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('you have logged in successfully')</SCRIPT>");
echo("<SCRIPT LANGUAGE='JavaScript'>window.location = 'main_login.php'</SCRIPT>");
//header("location:login_success.php");
//window.location = 'login_success.php'
//echo "<script>navigate('login_success.php')</script>";
//exit();
}
else {
echo "Wrong Username or Password";
include 'main_login.php';
}
ob_end_flush();
?>