CREATE TABLE `users` (
`id` int(11) NOT NULL,
`username` varchar(30) NOT NULL AUTO_INCREMENT,
`password` varchar(30) NOT NULL,
`fname` varchar(100) NOT NULL,
PRIMARY KEY(`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
INSERT INTO `users` (`id`, `username`, `password`, `fname`) VALUES
(1, 'neovic', 'devierte', 'Neovic Devierte'),
(2, 'gemalyn', 'cepe', 'Gemalyn Cepe');
<?php
class DbConnection{
private $host = 'localhost';
private $username = 'root';
private $password = '';
private $database = 'test';
protected $connection;
public function __construct(){
if (!isset($this->connection)) {
$this->connection = new mysqli($this->host, $this->username, $this->password, $this->database);
if (!$this->connection) {
echo 'Cannot connect to database server';
exit;
}
}
return $this->connection;
}
}
?>
<?php
include_once('DbConnection.php');
class User extends DbConnection{
public function __construct(){
parent::__construct();
}
public function check_login($username, $password){
$sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$query = $this->connection->query($sql);
if($query->num_rows > 0){
$row = $query->fetch_array();
return $row['id'];
}
else{
return false;
}
}
public function details($sql){
$query = $this->connection->query($sql);
$row = $query->fetch_array();
return $row;
}
public function escape_string($value){
return $this->connection->real_escape_string($value);
}
}
<?php
session_start();
if(isset($_SESSION['user'])){
header('location:home.php');
}
?>
<!DOCTYPE html>
<html>
<head>
<title>PHP oops login</title>
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container">
<h1 class="page-header text-center">PHP oops login</h1>
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="login-panel panel panel-primary">
<div class="panel-heading">
<h3 class="panel-title"><span class="glyphicon glyphicon-lock"></span> Login
</h3>
</div>
<div class="panel-body">
<form method="POST" action="login.php">
<fieldset>
<div class="form-group">
<input class="form-control" placeholder="Username" type="text" name="username" autofocus required>
</div>
<div class="form-group">
<input class="form-control" placeholder="Password" type="password" name="password" required>
</div>
<button type="submit" name="login" class="btn btn-lg btn-primary btn-block"><span class="glyphicon glyphicon-log-in"></span> Login</button>
</fieldset>
</form>
</div>
</div>
<?php
if(isset($_SESSION['message'])){
?>
<div class="alert alert-info text-center">
<?php echo $_SESSION['message']; ?>
</div>
<?php
unset($_SESSION['message']);
}
?>
</div>
</div>
</div>
</body>
</html>
<?php
session_start();
include_once('User.php');
$user = new User();
if(isset($_POST['login'])){
$username = $user->escape_string($_POST['username']);
$password = $user->escape_string($_POST['password']);
$auth = $user->check_login($username, $password);
if(!$auth){
$_SESSION['message'] = 'Invalid username or password';
header('location:index.php');
}
else{
$_SESSION['user'] = $auth;
header('location:home.php');
}
}
else{
$_SESSION['message'] = 'You need to login first';
header('location:index.php');
}
?>
<?php
session_start();
if (!isset($_SESSION['user']) ||(trim ($_SESSION['user']) == '')){
header('location:index.php');
}
include_once('User.php');
$user = new User();
$sql = "SELECT * FROM users WHERE id = '".$_SESSION['user']."'";
$row = $user->details($sql);
?>
<!DOCTYPE html>
<html>
<head>
<title>PHP OOPS Login</title>
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container">
<h1 class="page-header text-center">PHP OOPS Login</h1>
<div class="row">
<div class="col-md-4 col-md-offset-4">
<h2>Welcome to Homepage </h2>
<h4>User Info: </h4>
<p>Name: <?php echo $row['fname']; ?></p>
<p>Username: <?php echo $row['username']; ?></p>
<p>Password: <?php echo $row['password']; ?></p>
<a href="logout.php" class="btn btn-danger"><span class="glyphicon glyphicon-log-out"></span> Logout</a>
</div>
</div>
</div>
</body>
</html>
<?php
session_start();
session_destroy();
header('location:index.php');
?>