/
login_web.php
124 lines (120 loc) · 3.67 KB
/
login_web.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
<?php
//if the form has been submitted, then
// call login function
// if login function return true
// start session
// load user profile into session
// redirect to home page
// else
// set error
// show the login form
// end if
//else
// show the login form
// $_REQUEST['age'];
include_once './login.php';
$msg = "Login";
if (isset($_REQUEST['username'])) {
//the login form has been submitted
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
//call login to check username and password
// print $username;
if (login($username, $password)) {
session_start(); //initiate session for the current login
// print $username;
loadUserProfile($username); //load user information into the session
header("location: health_promotion_list.php"); //redirect to home page
echo "<a href=' health_promotion_list.php'>click here</a>"; //if redirect fails, provide a link
exit();
} else {
//if login returns false, then something is worng
$msg = "username or password is wrong mmmmmmmmmmmmmmmmmmmmm";
}
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<form action="login_page.php" method="GET">
<table align="center" width="80%">
<tr>
<td width="30%"></td>
<td colspan="2" align="center"><span><?php echo $msg ?></span></td>
<td width="30%"></td>
</tr>
<tr>
<td width="30%"></td>
<td>username</td>
<td><input type="text" name="username"></td>
<td width="30%"></td>
</tr>
<tr>
<td width="30%"></td>
<td>password</td>
<td><input type="password" name="password"></td>
<td width="30%"></td>
</tr>
<tr>
<td></td>
<td></td>
<td><input type="submit" name="submit" value="login"></td>
<td></td>
</tr>
</table>
</form>
</body>
</html>
<?php
function login($usern, $passw) {
$database = "webtechGroup5";
$server = "localhost";
$username = "root";
$password = "";
//connect to db
$link = mysql_connect($server, $username, $password);
//select db
if (!$link) {
print "error";
}
if (!mysql_select_db($database, $link)) {
print "error";
}
// print $usern;
$query = "Select * from user where username = '$usern' and password = $passw;";
// print $query;
$dataset = mysql_query($query, $link);
// print_r( $dataset);
if (!$dataset) {
// print "sth";
return false;
}
$row = mysql_fetch_assoc($dataset);
// print_r($row);
if (!$row) {
return false;
}
// if
// while($row){
//
// $row = mysql_fetch_assoc($dataset);
// }
//if connection fails, return false
//query for the $username and $password
//if the user with the right password is found,
// return true
//else
// return false
return true;
}
function loadUserProfile($username) {
//load username and other informaiton into the session
//the user informaiton comes from the database
$_SESSION['username'] = $username;
$_SESSION['usertype'] = 1;
$_SESSION['start'] = 0;
//permission
}
?>